Penetration Testing mailing list archives

Re: Frameworks to exploit AV gw and Browser?

From: "Patrick Webster" <sflist () aushack com>
Date: Wed, 7 Jan 2009 01:29:37 +1100

Hi Richard,

Regarding #2, I think PIRANA would do what you're looking for.

http://www.guay-leroux.com/projects.html

PIRANA is an exploitation framework that tests the security of a email
content filter. By means of a vulnerability database, the content
filter to be tested will be bombarded by various emails containing a
malicious payload intended to compromise the computing platform.
PIRANA's goal is to test whether or not any vulnerability exists on
the content filtering platform. This tool uses the excellent shellcode
generator from the Metasploit framework!

-Patrick

On Thu, Jan 1, 2009 at 6:22 AM, Richard Miles
<richard.k.miles () googlemail com> wrote:
..

The other, is something similar, but to test AntiVirus gateways, it
was a framework contain dozen of different evil payloads for different
antivirus. So we could test if we could compromise a AV gateway.
Anyone aware of the link of the project?

Current thread:

RE: Frameworks to exploit AV gw and Browser? alessandro telami (Jan 03)
- Re: Frameworks to exploit AV gw and Browser? Richard Miles (Jan 03)
- <Possible follow-ups>
- Re: Frameworks to exploit AV gw and Browser? Joshua Gimer (Jan 03)
- Re: Frameworks to exploit AV gw and Browser? H D Moore (Jan 03)
  - Re: Frameworks to exploit AV gw and Browser? Richard Miles (Jan 05)
- Re: Frameworks to exploit AV gw and Browser? Patrick Webster (Jan 06)