Scalable Distributed Attack Platform

Due to lack of root privileges it will not be possible to test UDP services using the cluster.

[master ~]$ nmap -F -d2 -sU scanme.nmap.org
You requested a scan type which requires root privileges.
QUITTING!

Metasploit intergration has begun, attempting to use jRuby to allow use of Ruby in Java.

The next steps for the project are intended to get some of the remaining base functionality in place, these include:-

• Looking into the existing nmap parsing scripts that should allow the combining of multiple scans into a single XML file.
• Looking into ways in which to distribute a nmap scan. Such possibilities as simply splitting by IP and / or by ports.
• Looking into how to pass the nmap results to nessus by commandline.
• Looking into how to implement either DJohn or DnetJ on the cluster.
• Looking into how to run ruby (metasploit) from Java. Possibility of having some predefined scripts than can simply be run and feed results back.
• Implement the above in code.

A number of key stages within the project have been implemented these include

• RMI groundings being in place the system is now able to communicate from the commander to the server and then from there to nodes.
• Load balancing has been implemented to a certain extent aka when the server selects a node to be use, it looks at the load averages of all nodes and selects the lowest.
• Have experimented with Nessus and have successfully run full scans with providing intitial data from an nmap scan.
• Have successfully run a nmap scan from a node in the SDAP program.