| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200601171804.27755.fdlist@digitaloffense.net> Date: Wed Jan 18 00:05:47 2006 From: fdlist at digitaloffense.net (H D Moore) Subject: Vulnerability/Penetration Testing Tools You should check out the Metasploit Framework: - http://metasploit.com/projects/Framework/ <rant> When I viewed the online demo of SAINT Exploit in December of 2005, nearly all of their exploit modules had names very similar to the ones found in version 2.5 of the Metasploit Framework. The demo has been updated since then and a handful of new exploits have been mixed in while others had their name changed. Oh, and their placement of a Google Adword on "metasploit" was a nice touch... </rant> -HD On Tuesday 17 January 2006 16:25, greybrimstone@....com wrote: > All, > I am in the process of researching a wide variety of penetration > testing tools and vulnerability assessment tools. I've already > researched many of the commercial tools like Coresecurity's Core Impact > tool and even know a bit about the new tool that saint is about to come > out with. What about open-source tools? > > Are there any open source tools like Core Impact that allow you to > not only scan a network for vulnerabilities but then allow you to issue > attacks against those vulnerabilities? I'm interested in both windows > based and *nix based tools. Yes I am aware of nessus, exploit tree, > metaspoloit etc... but none of those really have the "identify then > attack" type of structure... they are either "identify" or "attack". > > -simon
Powered by blists - more mailing lists