Jitendra Chauhan

Paper Title

Toliman, a Hadoop Pentesting Tool

Abstract

Toliman is a Hadoop Penetration Testing and Security Audit tool with the following main objectives: Evaluate how secure is a given Hadoop Deployment, and develop a Swiss Knife for Hadoop Pentesting and Security Audit. It is one of the first tools of its kind and we hope that it will a long way in this direction.

Some of the capabilities of the tool are as follows:

1. Hadoop Version Detection (< 2.x or > 2.x)
2. Services Identification Fingerprinting
3. Security Audit of Configuration
4. Validate Authentication and Authorization
5. Stealing Sensitive Information
6. Exploitation Modules: Malicious MR Job, Container Permission Analysis

Toliman will have following modes:

1. Information Gathering (IG)
2. Configuration Audit (AG)
3. Safe Exploitation (S-EX)
4. Thunder (Complete Exploitation)

Speaker Bio

Jitendra Chauhan is Security Researcher and Consultant for the last 8 years. He is Graduate and Post Graduate from IITKharagpur. He is currently heading R&D at iViZ Security, Bangalore. His core expertise includes Web & Network Penetration Testing, Secure Source Code Auditing, Building Research Tools and J2EE Security Training.

At iViZ, he has worked on many exciting projects including Multi Vector Analysis (MAV), building a SaaS Platform for Security, and building Tester's Workbench for conducting business logic testing. He has also conducted Penetration testing & Secure Source Code Review for major industry verticals including Banking & Life Insurance, eCommerce, Casino, GRC etc.