Extending Metaploit 3.0 to Vulnerability Scanning

[jonathanbsa at sbcglobal.net (jonathan roeder)]

Why can't we just integrate Nmap into the Metaploit vulnerability engine 
Andre Ludwig <andre.ludwig at gmail.com> wrote: Date: Fri, 7 Oct 2005 15:30:50 -0400
From: Andre Ludwig <andre.ludwig at gmail.com>
To: framework at metasploit.com
Subject: Re: [framework] Extending Metaploit 3.0 to Vulnerability Scanning

I think a proper correlation engine with the addition of a proper
reporting module would make metasploit one helluva tool (like it
allready wasnt?). Lets just say it would be a helluva value add...

Just my two cents, would be damn nice to be able to utilize a
reporting module that fed off the information gathered from the recon
modules to produce an overall risk rating for a client.

just a thought, and as some of you may know there is about eleventeen
bajjilion ways to skin the risk rating cat.

Dre

On 10/7/05, Chris Green wrote:
> On 10/7/05 10:26 AM, "mmiller at hick.org" wrote:
> > While we do plan to release the recon module system publicly, we have
> > not yet decided if we are willing to release the correlation engine
> > publicly due to there being a large potential for abuse.
>
> My $.02, releasing an exploit with no patch (Veritas) on a Friday afternoon
> causes a lot more damage than having the correlation engine develop an open
> community around it.
>
> I'm sure all the other arguments you are having internally.
> --
> Chris Green
> UAB Data Security, 5-0842


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20051008/0b0312ea/attachment.htm>