By now most everyone has heard of the Metasploit Project and what it can do. Not only that but it is free, and quite powerful. This really is the exploit framework that put these types of programs on the map. Though Metasploit is by no means the only one out there. There is also CANVAS which was written by the very talented Dave Aitel, and is commercial in nature. It is worth noting though that the cost of CANVAS is very reasonable considering the quality of the product you’re getting. Not only that but you also get the source code for it. This can be very important for those of you working in high assurance environments. Another product to mention is that of Core IMPACT. There are a few negatives with Core IMPACT though from my perspective. Namely, a very high cost, and closed source. Have to give credit where credit is due though. It is a powerful product with a simple to use interface I am told. Of the three products mentioned here I would personally go with CANVAS from Immunitysec. The price is right, it comes with the source code, and has exploits for various platforms. All in all, pretty good bang for your buck.
Technorati Tags: Exploitation frameworks, CANVAS, Metasploit, Core IMPACT