The Web Local



Exploit Engines


Apart from your commercial offerings of Core Impact, CANVAS et al, the one open source product that should immediately spring to mind is Metasploit, created by HD Moore.  This tool has a number of precompiled exploits and can be run in a number of differing formats, scripted, command-line and graphical user interface.


Another tool that can be used, however, receives no where near the same level of support is the Security Forest Framework.  At the time of writing there are 11 pre-compiled exploits and these are very dated, the one saving grace for this exploit engine is the fact it comes with hundreds of un-compiled indexed exploits which may help you in your task.


There's also no reason why you shouldn't exploit a vulnerability the old fashioned way - by hand ;-)


IT Security News:


Pen Testing Framework:


Latest Tool Reviews: