AutoSploit

LSE toolsLSE toolsAutoSploit (120)AutoSploit (120)

Tool and Usage

Project details
LicenseGPLv3
Programming languagePython
Latest release4.0 []

Project health

89
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

AutoSploit attempts to automate the exploitation of remote hosts for security assessments. Targets can be collected automatically or manually provided. Automatic sources include Censys, Shodan, and Zoomeye.

How it works

AutoSploit has a selected number of Metasploit modules to facilitate the Remote Code Execution. Where possible it attempts to gain a reverse TCP shells or Meterpreter sessions. The required details (like ports) are configured using a dialog, just before the exploitation happens.

Background information

This tool requires administrative access to the system. Typically this is no problem, as the tooling is used by the pentester which has control over the system that performs the attack. AutoSploit comes with a small installer and has a configuration wizard to complete the installation.

Usage and audience

AutoSploit is commonly used for service exploitation or system exploitation. Target users for this tool are pentesters and security professionals.

Features

  • Command line interface

Example usage and output

. ' .
' .( '.) '
_ ('-.)' (`'.) '
|0|- -( #autosploit )
.--`+'--. . (' -,).(') .
|`-----'| (' .) - ('. )
| | . (' `. )
| .-. | ` . `
| (0.0) |
| >|=|< |
| `"` |
| |
| |
`-.___.-'
v(2.2)

[+] welcome to autosploit, give us a little bit while we configure
[i] checking your running platform
[i] checking for disabled services
Initial configuration of AutoSploit

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 10 contributors
  • + More than 3000 GitHub stars
  • + The source code of this software is available

Installation

Supported operating systems

AutoSploit is known to work on Linux.

Dependencies

Several dependencies are required to use AutoSploit.

  • psutil
  • requests

AutoSploit alternatives

Similar tools to AutoSploit:

64

arpag

Arpag is a security tool to perform automatic exploiting of targets. It can be instructed to scan a set of ports and based on the outcome, it will search and active a related exploit.

100

Infection Monkey

The Infection Monkey is a security tool to test the resiliency of a data center or network. It tries to breach the perimeter and infect any internal server. Upon success, it reports the status to the centralized Monkey Island server. This tool can help with automating security assessments or perform a self-assessment.

60

Leviathan Framework

Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities.

All AutoSploit alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a automatic exploitation tool and post exploitation tool.

Related terms