Tool and Usage
|Latest release||4.0 |
Why this tool?
AutoSploit attempts to automate the exploitation of remote hosts for security assessments. Targets can be collected automatically or manually provided. Automatic sources include Censys, Shodan, and Zoomeye.
How it works
AutoSploit has a selected number of Metasploit modules to facilitate the Remote Code Execution. Where possible it attempts to gain a reverse TCP shells or Meterpreter sessions. The required details (like ports) are configured using a dialog, just before the exploitation happens.
This tool requires administrative access to the system. Typically this is no problem, as the tooling is used by the pentester which has control over the system that performs the attack. AutoSploit comes with a small installer and has a configuration wizard to complete the installation.
Usage and audience
AutoSploit is commonly used for service exploitation or system exploitation. Target users for this tool are pentesters and security professionals.
- Command line interface
Example usage and output
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 10 contributors
- + More than 3000 GitHub stars
- + The source code of this software is available
Supported operating systems
AutoSploit is known to work on Linux.
Several dependencies are required to use AutoSploit.
Similar tools to AutoSploit:
Arpag is a security tool to perform automatic exploiting of targets. It can be instructed to scan a set of ports and based on the outcome, it will search and active a related exploit.
The Infection Monkey is a security tool to test the resiliency of a data center or network. It tries to breach the perimeter and infect any internal server. Upon success, it reports the status to the centralized Monkey Island server. This tool can help with automating security assessments or perform a self-assessment.
Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities.
This tool page was updated at . Found an improvement? Help the community by submitting an update.