Pentest framework environment is the base of IT security specialist’s toolkit. This tool is vital as for learning and improving IT systems attacks knowledge and for inspections and proactive protection. The need of native comprehensive open source pen test framework with high level of trust existed for a long time. That is why EAST framework was created for native and native friendly IT security markets.
- Framework security. Software used for IT security must have a high level of user trust. Easy to check open source Python code realized in EAST. It is used for all parts of the framework and modules. Relative little amount of code eases its verification by any user. No OS changes applied during software installation.
- Framework maximum simplicity. Archive downloads, main python script start.py launches, which allows exploits start-stop and message traffic. All handled local or remotely via browser.
- Exploits simplicity of creation and editing. Possibility to edit and add modules and exploits on the fly without restart. Module code body is easy and minimal in terms of amount.
- Cross-platform + minimal requirements and dependencies. Tests for Windows and Linux. Should function everywhere where Python is installed. Framework contains all dependencies and does not download additional libraries.
- Full capacity of vanilla pen test framework. In spite of simplicity and “unoverload” the framework has all necessary resources for wide range exploits to run, starting from Web to buffer overruns.
- Wide enhancement possibilities. Third party developers can create their own open source solutions or participate in EAST development by use of Server-client architecture, message traffic API and support libraries.