Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Intrusion Automation

From: fifield () ghost nslug ns ca (Jamie Fifield)
Date: Wed, 8 Aug 2001 16:46:59 -0300
Exploit and intrusion automation tools - An introductory FAQ

by Mixter <mixter () 2xss com>
http://mixter.net/papers.html
August 2001


-----------------------------------------------------------------------------

Q: What are future goals of NEAT?

Personally, I'd like to aim toward a open database and script language
standard or format for professional open-source exploit automation tools,
if and when they are starting to be deployed by whitehats. Intrusion and
exploit automation tools are at their very beginning right now. In the
future, they may be used for periodical security assessments of the own
hosts and networks, with automatic vulnerability updates. Ideally, exploit
automation tools would eventually "join forces" with full-disclosure
resources such as vulnerability mailing lists, the Securityfocus database,
MITRE's CVE [3] system, and other free resources.

-----------------------------------------------------------------------------


What is the difference between NEAT and Nessus?  (Which wasn't
listed in the Resources).

My understanding of this FAQ suggests that they're very similar tools,
except that Nessus already has a vulnerability development community.

-- 
Jamie Fifield
<fifield () chebucto ns ca>
Previous By Date Next
Previous By Thread Next

Current thread: