mailing list archives
Re: Vulnerability/Penetration Testing Tools
From: H D Moore <fdlist () digitaloffense net>
Date: Tue, 17 Jan 2006 18:04:27 -0600
You should check out the Metasploit Framework:
When I viewed the online demo of SAINT Exploit in December of 2005, nearly
all of their exploit modules had names very similar to the ones found in
version 2.5 of the Metasploit Framework. The demo has been updated since
then and a handful of new exploits have been mixed in while others had
their name changed. Oh, and their placement of a Google Adword on
"metasploit" was a nice touch...
On Tuesday 17 January 2006 16:25, greybrimstone () aim com wrote:
I am in the process of researching a wide variety of penetration
testing tools and vulnerability assessment tools. I've already
researched many of the commercial tools like Coresecurity's Core Impact
tool and even know a bit about the new tool that saint is about to come
out with. What about open-source tools?
Are there any open source tools like Core Impact that allow you to
not only scan a network for vulnerabilities but then allow you to issue
attacks against those vulnerabilities? I'm interested in both windows
based and *nix based tools. Yes I am aware of nessus, exploit tree,
metaspoloit etc... but none of those really have the "identify then
attack" type of structure... they are either "identify" or "attack".
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
Re: Vulnerability/Penetration Testing Tools H D Moore (Jan 18)
Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 18)