Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

DeepHack Demo - Exploiting SQLi by Using an Open-source Hacking AI Tool

At risk of appearing like mad scientists, reveling in our latest unholy creation, we proudly introduce you to DeepHack: the open-source hacking AI. This bot learns how to break into web applications using a neural network, trial-and-error, and a frightening disregard for humankind.

Bishop Fox lead researcher, Dan Petro, previews how pen testers can use the DeepHack tool.


Hi everyone. Alt F4 here. What you're watching is a computer program hacking into a web applications database by exploiting a sequel injection vulnerability. But what makes this
program special that we never coded it to do this. Instead, it learned how you see nowhere in DeepHack's source code where you find any sequel injection strings sequel syntax or structure. Instead, it uses a neural network to figure out how to extract information from this web vulnerability. DeepHack is the beginning of a new class of tools that adds artificial intelligence to the
hackers playbook. Moreover, AI frameworks are more accessible than ever, making it easy for you to create your very own doomsday or pen testing machines. For more information, come check out our DEF CON presentations, Sunday July 30th. Details below, and thanks for watching.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.