GATKit Documentation » How to use GATKit

How to use GATKit

This small introduction shows in five steps how to use GATKit.


configuration Step 1 - Configuration

After starting GATKit by running the GATKit.gambas file you can see the main frame. If you have never started or configured GATKit, the default configuration is used. Before you can do your specific scans, you have to edit the running configuration by pressing the config button in the toolbar.

You are able to change the behavior of the whole GATKit software. Very important is for example specifying the target system. You can do this by either selecting a host name or IP address. Other things as like doing denial of service attacks, using mapping to determine the target or the definition of the directories of plugins and suggestions can also be made. Take a few minutes to check all possibilities to get the most efficient configuration for your penetration test.

Afterwards you can apply the new configuration by pressing the OK button. The individual configuration will be saved and also used the next time you are running GATKit. Pressing the cancel button drops your changes and the default button resets the whole configuration.



selecting_a_plugin Step 2 - Selecting a plugin

When you are in the main frame you are able to select a plugin by clicking one of the nodes in the left treeview. The plugin will be loaded into the memory and the fields are shown in the right textbox.

If you are looking for a specific check or don't know what a plugin is for, you can browsing thru the different sortings of the treeview. This includes GATKit plugin IDs, check names, port numbers, severity, CVE names, Nessus plugin IDs and many more.



preparing_the_scan Step 3 - Preparing the scan

If you have configured your GATKit and selected a specific scan, you may want to prepare the tool for the attack. If you select edit in the toolbar you are able to open the internal plugin editor. There you are able to see and edit every field in the plugin. This includes also the attack procedure so you are able to create your own and individual attacks.

The attack visualizing later shows the running attack in real-time and the attack response allows to do a response analysis of the finished check.



finished_scan Step 4 - Running the attack

If your scan has been prepared, you can start the attack by pressing the start button. It will take a few seconds to run the attack and to compute the results of the scan attempt. If the scan is finished, GATKit will show the existence or non-existence of the checked flaw. If the vulnerability was found, a red textbox will appear - If the vulnerability couldn't be found, a green textbox will appear.



attack_response Step 5 - Analyzing the results

If you click on this textbox after the scan is finished, the attack response window will open so a further analysis of the response can be done. False positives or negatives could be determined and further investigations for individual checks can be done. There are also suggestions for further analysis and attacks given. The silent checks - if activated - determine other plugins that would perhaps also detect the existence of potential flaws without touching the target.

Top