Presented at Black Hat USA 2022 Arsenal
We gave a presentation titled "MUSHIKAGO-femto: Automated Pentest & First Aid Tool for IT/OT Environments" at the Black Hat USA 2022 Arsenal to be held in Las Vegas, USA from 8/6 to 8/11/2022. This was my second presentation at Black Hat, following one in 2021. The level of presentations was very high again this year, with interesting talks and tools lined up, and we are very honored that our tool was selected among them.
MUSHIKAGO-femto* is an automated penetration testing tool that is freely available to the public as OSS. femto features a first aid function, which automatically defends against the same pseudo-attacks that succeed in penetration tests using the eBPF function. The same attack can be automatically defended against using the eBPF functionality. Although still in the research phase, we would like to offer a new MUSHIKAGO series in the future that incorporates the first aid function.
(*Update as of September 2025: This OSS project was discontinued in October 2023.)
In our presentation at Black Hat, we demonstrated how femto can automatically perform penetration tests on Hack The Box machines and VulnHub machines. In the future, we plan to add functionality so that even machines with more complex configurations can be exploited automatically.
We hope to continue to participate in various conferences other than Black Hat so that we can output more interesting research.
Archive
- March 2026
- November 2025
- October 2025
- September 2025
- June 2025
- March 2025
- February 2025
- October 2024
- August 2024
- May 2024
- April 2024
- March 2024
- February 2024
- November 2023
- October 2023
- April 2023
- September 2022
- August 2022
- July 2022
- June 2022
- April 2022
- March 2022
- December 2021
- October 2021
- August 2021