Re: [Full-disclosure] Vulnerability/Penetration Testing Tools

HD,
   Perfect! This is what I was looking for, much appreciated.

-Adriel

-----Original Message-----
From: H D Moore <fdlist@digitaloffense.net>
To: full-disclosure@lists.grok.org.uk
Sent: Tue, 17 Jan 2006 18:29:34 -0600
Subject: Re: [Full-disclosure] Vulnerability/Penetration Testing Tools

  Er, woops, misread - you want to scan and automatically exploit 
systems.
This can be easily done with a little scripting and the available
open-source tools. SensePost has a project called BiDiBLAH that
integrates Google-discovery, a TCP port scanner, Nessus, and Metasploit:
- http://www.sensepost.com/research/bidiblah/

The next version of the Metasploit Framework (v3) has support for 
'recon'
modules that technically you could use to automate this, but it will 
take
some time before this is usable.

-HD


On Tuesday 17 January 2006 18:04, H D Moore wrote:
> You should check out the Metasploit Framework:
>  - http://metasploit.com/projects/Framework/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


________________________________________________________________________
Check Out the new free AIM(R) Mail -- 2 GB of storage and 
industry-leading spam and email virus protection.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/