WhizRT | VAPTBOX

AI Vulnerability Assessor & Penetration Tester

Home|WhizRT & VAPTBOX: AI Vulnerability Assessor & Pen-Tester

WhizRT is an intelligent automated “vulnerability assessor and penetration tester” (VAPT). It is currently available to select trial users as a virtual appliance for use on your enterprise networks or cyber ranges, and as a portable device for use on fielded embedded systems.

WhizRT consists of two parts:

AI vulnerability assessor

This component of WhizRT automates the tasks of a software vulnerability evaluator for embedded systems. It automatically executes sequences of actions on devices to identify ports (JTAG, UART etc.), break into a command shell, extract binaries (firmware), and run vulnerability assessments on the extracted software. At the core is a deep learning AI engine, which is initially trained using a simulation and continues learning while in operation. It automatically generates a report of identified vulnerabilities.

AI penetration tester

This component of WhizRT automates the tasks of an ethical hacker (penetration tester). It automatically executes sequences of reconnaissance and exploit actions via the network, finding systems on the network, discovering vulnerabilities on them, and exploiting them. At the core is a deep learning AI engine, which is initially trained using a simulation and continues learning while in operation.

WhizRT is available (currently for selected trial users) as:

WhizRT portable device

WhizRT”s “VAPTBOX” portable device is used as an automated VAPT assessor for embedded devices. It supports connection to non-IP interfaces (e.g. JTAG, UART), and can be used by non-exports to assess already-fielded embedded systems.

WhizRT appliance

WhizRT’s (virtual) appliance that can be used as an automated VAPT assessor for IP-based networks, and  as an automated red team agent for cybersecurity training in your cyber training range.