Hosting Provided By

RE: Nessus NASL + Canned Exploit database

From: Matt Foster <matt.foster(at)blade-software.com>
Date: Thu Aug 07 2003 - 08:15:40 EDT

Hi Joe,

If you are interested in testing with real exploit code you may be interested in taking a look at IDS Informer. It has an attack database of 700+ attacks which it can replay while spoofing source and destination ip addresses. You can grab an eval from our website if you would like to take a look

www.blade-software.com

Regards
Matt

-----Original Message-----

From: Joe Skaboika [mailto:caffeinex36@yahoo.com] Sent: 06 August 2003 19:33
To: pen-test@securityfocus.com
Subject: Nessus NASL + Canned Exploit database

Has anyone seen any project involving linking nessus .NASL scripts with a canned exploit database of some sort. For instance, I plug my .NBE file into this tool which spits me out known public canned exploits (the actual exploit not links or info). I was thinking about a pen-testing extention to nessus where I pipe output from nessus into a tool that runs a canned exploit automagically (based on this database) I realize known canned exploits are buggy and architecture for something like this would be a nightmare but I'm curious if anyone has started or even started thinking of anything like this.

Received on Thu Aug 7 14:43:49 2003

This message: [ Message body ]
Next message: Thomas J Ackermann: "Re: Kerberos DoS (Windows 2000)"
Previous message: Dawes, Rogan (ZA - Johannesburg): "RE: Dialup Testing scripting?"
In reply to: Joe Skaboika: "Nessus NASL + Canned Exploit database"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:40 EDT