Penetration Testing
mailing list archives
RE: Re: Core Impact vs. Canvas vs. Metasploit
From: "Sahir Hidayatullah" <sahirh () mielesecurity com>
Date: Tue, 2 May 2006 12:58:40 +0530
> commercial grade is richer with attacks
Are you referring to the number of exploits provided? Don't forget that
Metasploit is designed as an exploitation framework, it also makes it
significantly easier to put together an exploit. I also find that just about
every worthwhile exploit makes it into a metasploit module pretty soon.
> more developed GUI
Being addressed for Framework 3.0 -- Web GUI with AJAX as well as WxRuby
standalone GUI. See page 10 of Moore's CSW presentation here:
http://www.cansecwest.com/slides06/csw06-moore.pdf
> ability to use "syscall proxies"
Once again, framework 3.0 has a heavily ramped up meterpreter module. You'll
essentially get a complete programmatic shell (Ruby's IRB for those
familiar) on exploitation. This lets you do some extremely nifty things
(imagine having the complete power of ruby in your hands), refer to:
http://metasploit.blogspot.com/2006/04/post-exploitation-fun-in-metasploit-30.html
Other interesting developments for Metasploit 3.0 include session sharing
among many users (great for testing as a team), ability to concurrently
attack and manage multiple victim sessions, aux modules will allow recon and
integration with your other tools (nmap, nessus etc).
The key here is extensibility of the tool -- I would say if you can code,
Metasploit gives you significantly more flexibility over most of the
commercial alternatives. Not to mention there is a rather obvious price
difference as well.
Cheers,
Sahir Hidayatullah.
-----Original Message-----
From: alphafreq () yahoo com [mailto:alphafreq () yahoo com]
Sent: Sunday, April 30, 2006 1:52 AM
To: pen-test () securityfocus com
Subject: Re: Re: Core Impact vs. Canvas vs. Metasploit
I believe besides the more obvious (commercial grade is richer with attacks
and more developed GUI), in short the biggest functional difference between
Metasploit and Canvas/Core is the ability to use "syscall proxies" that Core
Impact I believe originally developed that overcomes limitation of
pre-packaged payloads. This is described in detail by Maximiliano Cáceres
from Core. I have not personally used Canvas yet, but know that Dave Aitel
developed this capability in MOSDEF (free) as well as Canvas.
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------