Tool and Usage
APT2 is a tool written by Adam Compton and Austin Lane to help pentesters automate mundane scanning tasks. It leverages scan results from Nexpose, Nessus, or Nm
APT2 stands for Automated Penetration Testing Toolkit.
APT2 performs a scan with Nmap or can import the results of a scan from Nexpose or Nessus. The processed results will be used in the second phase. This phase launches exploit and enumeration modules. It helps pentesters to automate assessments and tasks.
Suggested components to have installed: convert, dirb, hydra, java, john, ldapsearch, msfconsole, nmap, nmblookup, phantomjs, responder, rpcclient, secretsdump.py, smbclient, snmpwalk, sslscan, xwd
Usage and audience
APT2 is commonly used for penetration testing or security assessment. Target users for this tool are pentesters and security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
History and highlights
- Demoed at Black Hat Europe 2016
- Presentation at Black Hat USA 2016
Supported operating systems
APT2 is known to work on Linux.
Several dependencies are required to use APT2.
- Python 2
Similar tools to APT2:
Seccubus automates vulnerability scanning with support for Nessus, OpenVAS, NMap, SSLyze, Medusa, SkipFish, OWASP ZAP, and SSLlabs.
The AutoNessus tool helps with automating vulnerability scans via the Nessus API. It lists policies and can configure the state of scans.
Nmap is a security scanner that can perform a port scan, network exploration, and determine vulnerabilities