powersploiting
I finished a 1-day whirlwind Powersploiting class taught by HD Moore. As a neophyte Metasploit auxiliary author, I hadn’t seen before how easy it is to write Ruby snippets to customize and extend Metasploit for one’s own purposes.
For example, using the scanner template below, you can write a custom TCP scanner in minutes. This may often be the quickest way to check one-off items or in-house services which require more than a SYN-ACK to get the information you want.
Metasploit scanner features:
- access to all exploit classes and methods
- support for proxies, SSL, reporting
- built-in threading and range scanning
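An auxiliary scanner module of the kind described above, as an added example that is not the class template or code from the original post. It assumes a current Metasploit Framework; the banner format, the `HELLO` probe, port 9000 and the `BannerCheck` helper are constructed for illustration.

```ruby
# Constructed in-house service: answers "HELLO" with one line such as
# "INVSVC/2.4.1 build=1187 tls=off" (assumption, not a real product).
module BannerCheck
  BANNER = %r{\A(?<name>[A-Za-z0-9_-]+)/(?<version>[\d.]+)(?<rest>(?: \S+=\S*)*)\s*\z}

  # Parse the constructed banner format into a hash; nil if it does not match.
  def self.parse(raw)
    m = BANNER.match(raw.to_s)
    return nil unless m
    attrs = m[:rest].split.map { |kv| kv.split('=', 2) }.to_h
    { name: m[:name], version: m[:version], attrs: attrs }
  end
end

# The module class only loads inside the framework; the guard lets the
# parser above be exercised with plain ruby as well.
if defined?(Msf::Auxiliary)
  class MetasploitModule < Msf::Auxiliary
    include Msf::Exploit::Remote::Tcp   # connect, sock, disconnect, proxy/SSL options
    include Msf::Auxiliary::Scanner     # RHOSTS ranges and THREADS
    include Msf::Auxiliary::Report      # report_service into the database

    def initialize(info = {})
      super(update_info(info,
        'Name'        => 'In-house service banner check (example)',
        'Description' => 'Sends HELLO and records the version banner.',
        'Author'      => ['example'],
        'License'     => MSF_LICENSE))
      register_options([Opt::RPORT(9000)]) # constructed port
    end

    # Called once per host in RHOSTS by the Scanner mixin.
    def run_host(ip)
      connect
      sock.put("HELLO\r\n")
      banner = BannerCheck.parse(sock.get_once(-1, 5))
      if banner.nil?
        vprint_status("#{ip}:#{rport} no recognisable banner")
        return
      end
      print_good("#{ip}:#{rport} #{banner[:name]} #{banner[:version]} #{banner[:attrs]}")
      report_service(host: ip, port: rport, name: banner[:name].downcase,
                     info: "#{banner[:version]} #{banner[:attrs]}")
    rescue ::Rex::ConnectionError, ::Timeout::Error
      vprint_error("#{ip}:#{rport} connection failed")
    ensure
      disconnect
    end
  end
end
```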
To run your new scanner, do:
Existing Metasploit scanners: http://metasploit.com/dev/trac/browser/framework3/trunk/modules/auxiliary/scanner
