YoInspector: An Automation Pentesting tool
| dc.contributor.author | Muhammad Sahif As Sani | |
| dc.date.accessioned | 2025-06-09T03:07:53Z | |
| dc.date.available | 2025-06-09T03:07:53Z | |
| dc.date.issued | 2025-05-06 | |
| dc.description.abstract | This project, titled YoInspector, focuses on developing a command-line-based penetration testing automation tool using Python. It specifically targets two widely exploited vulnerabilities: Android Meterpreter Reverse_TCP and Windows SMB MS17-010 (EternalBlue). Both vulnerabilities are critical due to their widespread impact on Android devices and Windows systems, respectively. YoInspector aims to automate the processes of payload generation and exploitation through the integration of the Metasploit framework, a leading platform in penetration testing. Android Meterpreter Reverse_TCP is a commonly used attack vector, enabling unauthorized access to Android devices by establishing a reverse TCP connection. The exploit is significant in cybersecurity research and real-world attack simulations due to its versatility in testing mobile device vulnerabilities. Windows SMB MS17-010, known as EternalBlue, was famously used in the WannaCry ransomware attack in 2017. It exploits a critical flaw in the Windows SMB protocol, enabling remote code execution on vulnerable systems. Automating these attacks allows for a deeper understanding of their mechanisms and provides a streamlined method for cybersecurity practitioners to test their systems against these threats. This project builds on the foundation of existing penetration testing tools but fills a critical gap by focusing on lightweight automation for specific vulnerabilities. Tools like AutoSploit and Cobalt Strike offer broader automation but are either limited to generalized attack scenarios or are prohibitively expensive. YoInspector, in contrast, is open-source and caters specifically to Android and Windows vulnerabilities, ensuring cost-effectiveness and precision. The significance of this project lies in its ability to balance technical functionality with accessibility, making penetration testing more approachable for a diverse range of users. The inclusion of ethical guidelines and disclaimers further ensures that the tool aligns with responsible cybersecurity practices. As the threat landscape continues to evolve, tools like YoInspector play a vital role in equipping individuals and organizations to proactively address vulnerabilities in their systems. By integrating the Metasploit framework, the project provides users with a powerful and flexible toolset for ethical hacking. Its emphasis on automation not only simplifies the testing process but also highlights the importance of innovation in cybersecurity education and practice. With its focus on Android and Windows platforms, YoInspector demonstrates the potential to bridge the gap between complex penetration testing frameworks and accessible, targeted solutions for cybersecurity challenges. | |
| dc.identifier.uri | https://digitallibrary.peninsulacollege.edu.my/handle/123456789/1093 | |
| dc.publisher | PCN | |
| dc.title | YoInspector: An Automation Pentesting tool |