Penetration Testing mailing list archives
Re: Network Exploitation Tools
From: <darbean () cetin net cn>
Date: 23 Aug 2004 08:49:21 -0000
In-Reply-To: <200408191906.45416@M3T4>
On Thursday 19 August 2004 02:08, darbean () cetin net cn wrote:According to http://www.metasploit.com/bh/metasploit.pdf you captured all, for now.According to http://www.metasploit.com/confs/core04/core04_metasploit.pdf you didn't captured all, for now :) It said: "Handful of open source projects" in page 7.Spoonm and I debated this bullet and core04 and finally removed it for Black Hat. There are a handful of open-source exploit framework >projects, but none of them have been released yet. A couple of them are fuzzing/exploit frameworks, another one is a complete pen-test framework (exploits are just a component), and still others are combinations of
Would you please give me any hints for the keyword to search the so-called "fuzzing/exploit frameworks" and "complete pen-test framework" as you mentioned? I am interested and just can't find what you mentioned by google :( As I known, Core Impact had ever declared to be an "Automated Pen-test Framework" in its early version. In the meaning of covering the whole proceeding of pen-test from scanning to exploiting, "exploits framework" should be the main important part of "pen-test framework".
libraries and templates for adapting public code. It depends on your definition I guess, as far as "network exploitation tools" go, Andy already summed up the only useful options (FluXaY has exploits, but they are somewhat outdated).
In my opinions, FluXay is rather a vulnerability scanner (like Nessus) than an "exploits framework". Exploits in FlyXay are just accessory components. I am so appreciated for your magic Metasploit and other helpful information :-) Regards Darbean ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817 -------------------------------------------------------------------------------
Current thread:
- Network Exploitation Tools Andy Cuff (Aug 17)
- <Possible follow-ups>
- RE: Network Exploitation Tools Yonatan Bokovza (Aug 18)
- Re: Network Exploitation Tools darbean (Aug 19)
- Re: Network Exploitation Tools H D Moore (Aug 20)
- Re: Network Exploitation Tools darbean (Aug 20)
- Re: Network Exploitation Tools darbean (Aug 23)