Full Disclosure mailing list archives
Re: Vulnerability/Penetration Testing Tools
From: greybrimstone () aim com
Date: Tue, 17 Jan 2006 23:27:49 -0500
HD,Metasploit has already been added to my archive of must haves. I'm primarly interested in tools that would in effect combine a nessus like front end to something like core impact/metasploit. Any ideas on something like that? Do I need to write my own?
-----Original Message----- From: H D Moore <fdlist () digitaloffense net> To: full-disclosure () lists grok org uk Sent: Tue, 17 Jan 2006 18:04:27 -0600 Subject: Re: [Full-disclosure] Vulnerability/Penetration Testing Tools You should check out the Metasploit Framework: - http://metasploit.com/projects/Framework/ <rant>When I viewed the online demo of SAINT Exploit in December of 2005, nearly all of their exploit modules had names very similar to the ones found in version 2.5 of the Metasploit Framework. The demo has been updated since
then and a handful of new exploits have been mixed in while others had their name changed. Oh, and their placement of a Google Adword on "metasploit" was a nice touch... </rant> -HD On Tuesday 17 January 2006 16:25, greybrimstone () aim com wrote:
All,
I am in the process of researching a wide variety of penetration
testing tools and vulnerability assessment tools. I've already
researched many of the commercial tools like Coresecurity's Core
Impact
tool and even know a bit about the new tool that saint is about to
come
out with. What about open-source tools?
Are there any open source tools like Core Impact that allow you to
not only scan a network for vulnerabilities but then allow you to
issue
attacks against those vulnerabilities? I'm interested in both windows based and *nix based tools. Yes I am aware of nessus, exploit tree, metaspoloit etc... but none of those really have the "identify then attack" type of structure... they are either "identify" or "attack". -simon
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ________________________________________________________________________Check Out the new free AIM(R) Mail -- 2 GB of storage and industry-leading spam and email virus protection.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Vulnerability/Penetration Testing Tools greybrimstone (Jan 17)
- Re: Vulnerability/Penetration Testing Tools H D Moore (Jan 17)
- Re: Vulnerability/Penetration Testing Tools Gadi Evron (Jan 17)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 17)
- Re: Vulnerability/Penetration Testing Tools Yvan Boily (Jan 17)
- Re: Vulnerability/Penetration Testing Tools Gadi Evron (Jan 18)
- Re: Vulnerability/Penetration Testing Tools Robert Kim Wireless Internet Advisor (Jan 27)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Gadi Evron (Jan 17)
- Re: Vulnerability/Penetration Testing Tools H D Moore (Jan 17)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 17)
- <Possible follow-ups>
- RE: Vulnerability/Penetration Testing Tools Madison, Marc (Jan 18)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Exibar (Jan 19)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools GroundZero Security (Jan 19)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Valdis . Kletnieks (Jan 18)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Dave Korn (Jan 27)