Some of my best technical (and comical) inspirations come from the life works of Dave Aitel. If you want to learn about anything related to exploit development, exploit frameworks, post exploitation, or general application / network security, just start reading any of the code he has written.
And of course buy a copy of CANVAS to support his work. It's the best money you will ever spend on security training. Oh...and I guess you can use it as an exploit framework as well.
One of the really cool GPL projects Dave released a while back is called HYDROGEN. If you are not familiar with it, you can think of it as a cross platform meterpreter, with strong crypto built in.
It is really easy to add or change functionality. I'll try to post some of my mods to it soon.
My long term goal would be code in threading so that it could be compiled into a dll and injected into an exploited process on windows.
Even though RSnake says "Don't be like Dave" (in jest)...
Take some time to look around and read some of Dave's stuff...
-
Posts
No comments:
Post a Comment