Educause Security Discussion mailing list archives
Re: Metasploit and NeXpose
From: Michael Sana <msana () HPU EDU>
Date: Wed, 13 Jan 2010 16:14:41 -1000
Aloha, Simple integration of Nessus and Metasploit already exists without too much grunt work. After conducting a nessus scan and saving it either as an nbe or xml file you can simply import it using the db function in metasploit. A quick example from metasploit would be: db_create "database name" - this creates a new database in metasploit db_import_nessus_xml or db_import_nessus_nbe - this imports the nessus file into the database Once the nessus data is in the database, metasploit can determine based off of CVE's what exploits are available and even conduct auto exploits. Hope that helps... mike.sana. -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Adam Pridgen Sent: Wednesday, January 13, 2010 3:31 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Metasploit and NeXpose Greg, NeXpose and Nessus are vulnerability scanners, and Metasploit, like Canvas or Core, is an exploitation framework that can be used to verify the vulnerabilities identified by either scanner. I have not used Metasploit or NeXpose since Metasploit was purchased by Rapid7, but I imagine the distinct advantage is a more automated process for identifying (NeXpose) and verifying (Metasploit) vulnerabilities with the added benefit of commercial support. I think the same results could be achieved with Metasploit and Nessus, but it would take some grunt work to get everything working seamlessly, if it has not already been done in an open source project, and this process would come without commercial support. Something else to consider is Rapid7 might bundle exploits into Metasploit so newer vulnerabilities that are identified by the scanner can be verified without having to rely on software,service, and system versions. Some vulnerabilities may have PoC exploits that never see the light of day, but they still exist in in OSVB, CVE, etc. This would be a good question for the sales guys ;) -- Adam On Wed, Jan 13, 2010 at 7:10 PM, Greg Vickers <g.vickers () qut edu au> wrote:
Hi all, We are reviewing scanning tools to apply to our web environment to find the problems before the bad guys do. I've gone back through the list archive and read the "Rapid7 NeXpose" thread from June last year. I've just spoken to a sales manager from Rapid7 (I was impressed, he called me in Australia after the web interface to request further information broke and I wound up emailing sales () rapid7 com) and got the blurb from them about the difference between Metasploit and NeXpose. I was wondering who here uses Metasploit or NeXpose and would be very interested in finding out if anyone has moved from Metasploit to NeXpose. We currently use Nessus for doing OS level scans and the basic cgi/web based scans Nessus can do. I would be interested in hearing people's opinions on the advantages or otherwise between Nessus and Metasploit/NeXpose. Thanks, -- Greg Vickers Phone: +61 7 3138 6902 Project Manager, IT Security Program Queensland University of Technology, CRICOS No. 00213J
Current thread:
- Metasploit and NeXpose Greg Vickers (Jan 13)
- <Possible follow-ups>
- Re: Metasploit and NeXpose Adam Pridgen (Jan 13)
- Re: Metasploit and NeXpose Michael Sana (Jan 13)
- Re: Metasploit and NeXpose Joel Rosenblatt (Jan 13)
- Re: Metasploit and NeXpose Justin C. Klein Keane (Jan 14)
- Re: Metasploit and NeXpose Matthew Wollenweber (Jan 14)
- Re: Metasploit and NeXpose Sam Stelfox (Jan 14)