Metasploit, Back Track, and Core Impact Comparison

-


Metasploit
Metasploit is an open source platform for doing vulnerability investigation and development. It handles building shell code and delivery code. The user selects the payload and then selects the exploit to use.

How to use Metasploit
Discovery: The Metasploit GUI is a powerful tool that visually displays all the exploits currently available. In order to launch an exploit a user must find out what products are running on a target system. Once the target has been detected, the user can locate an exploit.



Attack: Once the target exploit has been found double clicking it will open an exploit window or right click and click ‘execute’. Once the exploit has started, the GUI for all of them will appear similar. You will select your target and launch the payload for the attack.
Report: Metasploit has a reporting engine with many standard reports like PDF, CSV, and HTML. Once the attack is complete, you can review the reports generated by the engine.
Limitations of Metasploit
·        Majority of exploits are for windows operating system.
·        Large amount of import data slows exploits.
·        To get the best out of Metasploit, you will require the services of a professional.

·        It does not produce a clear and informative report.

                                                                       Back Track



Back Track is a recognized specialized Linux distribution focusing on security tools for penetration testers and security experts. It supports for live CD and Live USB functionality.
It provides users with easy access to large collection of security tools, which includes:
Aircrack
Kismet
Nmap
Ophcrack
Gerix Wifi Cracker
BeEF
Hydra

How to use Back Track
The tool is ran from inside or outside the environment, it involves the following steps:
Installation: We will install the Back track from a live CD On a clean computer. It is the same step as installing a new Linux operating system.
Discovery: Tools like Wireshark, NetworkMiner, and dsniff are you used to discover targets and vulnerability on a system.
Exploit: We will exploit this vulnerability with Medusa and all other exploitation tools on the back track.
Report: We will gather all the results of the exploits and create a report.

Limitation
·        Majority of exploits are for windows operating system, it has few exploits for Mac OS.
·        To get the best out of Back track, you will require the services of a professional.
·        The Penetration testing is not automated. You will need a different tool for both discovery and exploitation phase.
It does not produce a clear and informative report.

                                                                              Core Impact

It is a commercial shell code and payload generator. Core impact allows the user to ensure compliance with industry and government regulations.



How to use Core Impact
Information gathering: This step collects data about the targeted network, using network discovery and port scanner. This step can also be accomplished by importing information from a network mapping tool or vulnerability scanner.
Attack: During an attack, it automatically selects and launches remote attacks leveraging IP, OS, and service information obtained in the information-gathering phase. The user can choose to launch every attack against each target host.
Report generation: It generates clear, informative reports that provide data about the targeted host, audits of all exploits performed, and details about proven vulnerabilities. The user can view and print reports using Crystal reports.

Limitations
·        You cannot change the source code. It is not an open source tool, which makes the source code unavailable.
·        It is expensive. If you work for a small organization, you may not be able to afford it.
·        Importing external vulnerability data can be sluggish. If you have very large Nessus NBE files, it can take a long time to import these files.
·        It does not have a command line interface.


Comparison
Limitation
Core Impact
Metasploit
Back Track
Operating system
It runs on Linux and Windows OS.
It runs on Linux. It is not fully functional on windows OS. It can crash the operating system.
It makes use of its own operating system through a live CD or live USB stick.
Cost
Expensive, because it is not OpenSource.
 Free, because it is OpenSource
Free, because it is OpenSource
Type of Penetration testing
The penetration testing is automated.
You can perform discovery and exploitation with the same tool.
The penetration testing is automated. You can perform discovery and exploitation with the same tool.
The penetration testing is not automated.
You will need a different tool for both discovery and exploitation phase.
Location of penetration testing
Internal
You have to be on the same network with the targeted host.
Internal
You have to be on the same network with the targeted host.
External and Internal
You don’t have to be on the same network with the targeted host.
Reporting
It does produce a clear and informative report. The report provides information about the host, which will include the details about the vulnerabilities.
It does not produce a clear and informative report.
It only shows the exploit information.
It does not produce a clear and informative report.
Each tool has its own report.
Ease of Usage
It is easy to use, because of the GUI interface.
It is not easy to use. To get the best out of Metasploit, you will require the services of a professional.
It is not easy to use. To get the best out of Back track, you will require the services of a professional.
Interface
GUI
The interface is web based.
GUI and Command line
Msfgui is the GUI interface.
Msfconsole is the command line interface.
GUI and command line
Each tool has its own interface.
Vulnerability database
It is large
You can import external vulnerability database.
It is small
You can import external vulnerability database
It is small
You cannot import external vulnerability database, because each tool has its own database


Comments

Post a Comment

Popular posts from this blog

Andriod Cryptocurrency Clipboard Hijacking Crypto Malware Found On Google Play Store

-
Image
A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users. The malware, described as a " Clipper ," masqueraded as a legitimate cryptocurrency app and worked by replacing cryptocurrency wallet addresses copied into the Android clipboard with one belonging to attackers, ESET researcher Lukas Stefanko explained in a  blog post . Since cryptocurrency wallet addresses are made up of long strings of characters for security reasons, users usually prefer copying and pasting the wallet addresses using the clipboard over typing them out. The newly discovered clipper malware, dubbed Android/Clipper.C by ESET, took advantage of this behavior to steal users cryptocurrency. To do this, attackers first tricked users into installing the malicious app that impersonated a legitimate cryptocurrency service called  MetaMask , claiming to let use...
Read more

High-Severity SHAREit App Flaws Open Files for the Taking

-
Image
Security researchers have discovered two high-severity vulnerabilities in the SHAREit Android app that could allow attackers to bypass device authentication mechanism and steal files containing sensitive from a victim's device. With over 1.5 billion users worldwide, SHAREit is a popular file sharing application for Android, iOS, Windows and Mac that has been designed to help people share video, music, files, and apps across various devices. With more than 500 million users, the SHAREit Android app was found vulnerable to a file transfer application's authentication bypass flaw and an arbitrary file download vulnerability, according to a  blog post  RedForce researchers shared with The Hacker News. The vulnerabilities were initially discovered over a year back in December 2017 and fixed in March 2018, but the researchers decided not to disclose their details until Monday "given the impact of the vulnerability, its big attack surface and ease of exploitation." ...
Read more

Hackers Deleted VFEmail Entire Data and Backups

-
Image
What could be more frightening than a service informing you that all your data is gone—every file and every backup servers are entirely wiped out? The worst nightmare of its kind. Right? But that's precisely what just happened this week with VFEmail.net, a US-based secure email provider that lost all data and backup files for its users after unknown hackers destroyed its entire U.S. infrastructure, wiping out almost two decades' worth of data and backups in a matter of few hours for no apparent reason. Started in 2001 by Rick Romero, VFEmail provides secure, private email services to companies and end users, both free and paid-for. Describing the attack as "catastrophic," the privacy-focused email service provider revealed that the attack took place on February 11 and that "all data" on their US servers—both the primary and the backup systems—has been completely wiped out, and it's seemingly beyond recovery. The VFEmail team detected the attack o...
Read more