SecurityForest Exploitation Framework Beta has been released!

From: Alon Swartz (loni_at_securityforest.com)
Date: 03/21/05

  • Next message: Nick FitzGerald: "Re: Thoughts and a possible solution on homograph attacks"
    Date: Tue, 22 Mar 2005 00:57:47 +0200
    To: full-disclosure@lists.netsys.com, bugtraq@securityfocus.com, pen-test@securityfocus.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hey Guys,
    The Security Forest Exploitation Framework Beta has been released and
    is available for download:
    http://www.securityforest.com/wiki/index.php/Exploitation_Framework

    SecurityForest's Exploitation Framework is similar in concept to the
    open-source Metasploit Framework (http://www.metasploit.com) and the
    commercial offerings such as Immunity's CANVAS
    (http://www.immunity.com) and Core Security Technology's Impact
    (http://www.corest.com).

    The major difference between the above mentioned frameworks and the
    SecurityForest Exploitation Framework is that it leverages the massive
    amount of exploits available in the ExploitTree
    (http://www.securityforest.com/wiki/index.php/Category:ExploitTree).
    These exploits are publically available and do not have to be
    re-written to be used in the framework (no matter what language and
    sometimes no matter what OS).
    It basically acts as a Graphical User Interface to the ExploitTree
    which is dynamically updated at the same time as the ExploitTree.

    The above mentioned frameworks are great and the Exploitataion
    Framework doesn't even compare to them on a technical level, it just
    fills the gap.

    The Exploitation Framework is provided for legal penetration testing
    and research purposes only.

    Cheers,
    Loni

    http://www.securityforest.com
    loni@securityforest.com

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.0 (Cygwin)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFCP1Fqu877OAxzU0ERAjkFAKCXC6M+IU635okOf2IxQowg8Ke7LwCfbW5k
    VxeIr2j2Ykrnj7cIyTDYQSE=
    =04PW
    -----END PGP SIGNATURE-----


  • Next message: Nick FitzGerald: "Re: Thoughts and a possible solution on homograph attacks"

    Relevant Pages

    • Re: a pre-beginners question: what is the pros and cons of .net, compared to ++
      ... > party controls is expensive... ... This is where you end up fighting with the framework; ... LSA in the context of "Local Security Policy"? ... Let's say you want to add a new Anti-Virus service account to all ...
      (microsoft.public.dotnet.general)
    • Re: Is there an Open Source Vulnerability Analysis Framework?
      ... Is there an Open Source Vulnerability Analysis Framework? ... end-to-end framework for security assessment. ... Download FREE whitepaper on how a managed service can ...
      (Pen-Test)
    • Re: CoBIT a Security Audit Framework?
      ... You can try the "IS Auditing Procedure: P08 Security Assessment - Penetration Testing and Vulnerability Analysis" document at the ISACA web page, it describes a process to execute a pentest aligned to CobiT, also you can add some features from OSSTMM or NIST to obtain a more global pentest process. ... CoBIT a Security Audit Framework? ...
      (Pen-Test)
    • Re: web query builder in php
      ... i have learned to think of SQL injection as a security ... the security beyond what can be arranged on the database. ... Andromeda and phpPeanuts before we can draw conclusions. ... framework connects to the database as a super-user and your code (or ...
      (comp.lang.php)
    • Re: Is there an Open Source Vulnerability Analysis Framework?
      ... i think that ISSAF (Information System Security Assessment ... Framework) could suit your needs. ...
      (Pen-Test)