Dailydave mailing list archives
Re: RE: Network Exploitation Tools aka Exploitation Engines
From: Dave Aitel <dave () immunitysec com>
Date: Mon, 06 Sep 2004 20:21:29 -0400
For some people, although not all people, there are also two other points of interest: 1. Immunity is not a foreign (I.E. non-US) intelligence service, and our code is fully available to all of our customers. Why a military or government agency wouldn't demand full source code from a foreign (or even domestic) company selling an exploitation tool baffles me. Do we hire foreign companies to do penetration tests on our military networks? Why would the US military use a closed source penetration test tool from a non-US company on sensitive networks? It boggles the mind. 2. Immunity's open-source support is unwavering and absolute. We are completely against software patents, whereas CORE's founders all are signatures on one (covering a broad range of crap). Software patents are bad for the industry, and Immunity stands steadfast against them. The same cannot be said for our competitors. Like Bdog says, "Vote with your money." Dave Aitel Immunity, Inc. "Professional grade FUD" :> On Mon, 2004-09-06 at 14:45, Matthew Watchinski wrote:
CANVAS Advantages. 1. Works on linux/windows and sorta works on Mac OS X. 2. Exploits can be run on the command line free from the GUI 3. New exploits and releases come out all the time. 4. It is a good value for the cost (1k) 5. Support is great, if you have a problem you get to talk to Dave :) 6. Everything is in python so you can see everything under the hood. Disadvantages. 1. The structure of the exploits and the exploit building API's are not as simples as Core Impacts. 2. The structure of all the exploit modules is not uniform like Core Impacts, this sometimes makes it difficult figure out exactly what is going on. 3. The modules for scanning, interacting with services, and other support modules are not as extensive as Core's.
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- RE: Network Exploitation Tools aka Exploitation Engines Erik Birkholz (Aug 18)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Adegbite Stephen (Aug 18)
- <Possible follow-ups>
- RE: Network Exploitation Tools aka Exploitation Engines Clarke, Tyronne (Contractor) (Sep 03)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Kurt Seifried (Sep 04)
- RE: RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 04)
- RE: RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 04)
- RE: RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 08)
- RE: RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 10)
- Network Exploitation Tools aka Exploitation Engines brennan stewart (Sep 11)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Matthew Watchinski (Sep 06)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Dave Aitel (Sep 06)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Halvar Flake (Sep 06)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Lance Spitzner (Sep 06)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Mordy Ovits (Sep 07)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Darryl Luff (Sep 07)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Kurt Seifried (Sep 04)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Ben Hawkes (Sep 06)
- Re: RE: Network Exploitation Tools aka ExploitationEngines Kurt Seifried (Sep 06)