Security collection: help your hand three exploits tools-vulnerability warning-the black bar safety net

ID MYHACK58:62200717585
Type myhack58
Reporter 佚名
Modified 2007-11-13T00:00:00


We are talking about here is some for creating security tools and exploits program Security Platform. Security experts to perform penetration tests, system administrators can verify whether the patch has been installed, manufacturers can perform regression testing.

First, the Metasploit Framework

In 2 0 0 4 released in time, Metsploit in the field of security whipped up a storm. Also no other new tool can be so high-profile, and the Metasploit Framework it can be in this stage dominate, even more than many other development a dozen years of a good tool even better. Metasploit is a buffer overflow test using the auxiliary tool,it can be said that one exploit and the test platform. It is an Advanced Open-Source platform that can be used for development, testing, exploit code, etc. It incorporates many of the exploit program, this regard you can refer to http://metasploit. com:5 5 5 5 5/a. It allows you to write your own exploit program more easily.

Second, Core Impact

This is an automated comprehensive penetration testing tools. It's not cheap, but it is widely considered to be one of the most powerful exploit the program. It is the most worth showing off is its large, regularly updated Professional the exploit program database. It can be the perfect use of a computer vulnerability, and then by the computer to establish an encrypted channel, you can reach and use other computer vulnerabilities.

This software can allow us:

·Confirm that the server and the desktopoperating systemand services in the real vulnerability

·Measure the end-user about social engineering attacks in response

·Positioning and demonstration of specific Web application vulnerabilities in

·Test and adjust the information security Defense architecture

·Verify system updates, modifications, patches, security

·Establish a vulnerability management audit tracking

IMPACT can give what is needed to effectively protect customer records, financial data and intellectual property rights important information. This helps protect your organization's reputation, maintain network stability and productivity, and ensure compliance with corporate and government related regulations consistent.

However, if you can't afford Impact, can be considered a Canvas or in front of the Metsploit it. I believe that the best of these three software are used.

Third, the Canvas


Canvas is one such that the other security products easier to deploy the platform. Immunity's Canvas is a penetration tester and security experts have developed a number of loopholes in the program, there is an automated exploit system, as well as a comprehensive, reliable exploit deployment framework. You can purchase the optional VisualSploit Plugin plug-in, which is a graphical user interface to exploit the program's drag-and-drop plug-in.

In short, these three tools is different, can according to their own need to use it.