AutoSploit alternatives

Looking for an alternative tool to replace AutoSploit? During the review of AutoSploit we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. arpag (automatic exploiting tool)
  2. Infection Monkey (security testing for data centers and networks)
  3. Leviathan Framework (mass audit toolkit)

These tools are ranked as the best alternatives to AutoSploit.

Alternatives (by score)

64

arpag

Introduction

Tools like arpag can help with automating penetration tests and security assessments. By testing automatically for a set of exploits, the remaining time can be spend in other areas.

Project details

arpag is written in Python.

Strengths and weaknesses

  • + Very low number of dependencies
  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Penetration testing
  • Security awareness
  • Service exploitation

arpag review

100

Infection Monkey

Introduction

This tool is useful for security assessments to test for weaknesses within the network. By automating the exploitation phase as much as possible, it will help finding any weak targets within the boundaries of the data center.

Project details

Infection Monkey is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Service exploitation
    • System exploitation

    Infection Monkey review

    60

    Leviathan Framework

    Introduction

    Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities. The primary reason to use this tool is to do massive scans on many systems at once. For example to include a huge network range, country-wide scan, or even full internet scan.

    Project details

    Leviathan Framework is written in Python.

    Strengths and weaknesses

    • + More than 500 contributors
    • + The source code of this software is available

      Typical usage

      • Penetration testing
      • Security assessment
      • Service exploitation

      Leviathan Framework review

      60

      RemoteRecon

      Introduction

      RemoteRecon is a post-exploitation framework. It can be used to maintain access to a system without the need to have a whole toolkit on the target system.

      Project details

      RemoteRecon is written in C#.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Offensive security
        • Penetration testing

        RemoteRecon review

        60

        ShellPop

        Introduction

        During a penetration test, you might have an opportunity to gain shell access to a system. This tool helps with crafting the required type of reverse or bind shell for the task. PopShell also helps with encoding, staging, or switching between different protocols.

        Project details

        ShellPop is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Penetration testing

          ShellPop review

          60

          Bowcaster

          Introduction

          Bowcaster is a framework to create exploits. It is written in Python and comes with a set of tool and modules to help exploit development.

          Project details

          Bowcaster is written in Python.

          Strengths and weaknesses

          • + The source code of this software is available
          • - No updates for a while

          Typical usage

          • Exploit development
          • Penetration testing

          Bowcaster review

          64

          PEDA

          Introduction

          PEDA is an extension for GDB (GNU DeBugger) to help with the development of exploit code. It can be used by reverse engineers and pentesters.

          Project details

          PEDA is written in Python.

          Strengths and weaknesses

          • + More than 2000 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Debugging
            • Exploit development
            • Reverse engineering

            PEDA review

            74

            SearchSploit

            Introduction

            SearchSploit is a small by OffensiveSecurity to search for exploits and related data in the exploit database (Exploit-DB). This may help penetration testers in their security assignments.

            Project details

            SearchSploit is written in shell script.

            Strengths and weaknesses

            • + The source code is easy to read and understand
            • + Tool is easy to use
            • + Used language is shell script
            • - Full name of author is unknown

            Typical usage

            • Information gathering
            • Penetration testing
            • Service exploitation
            • System exploitation
            • Vulnerability testing

            SearchSploit review

            85

            BeEF

            Introduction

            BeEF is used by penetration testers to assess the security of a system by leveraging the web browser. This makes the tool different to many other tools, as it ignores the security on network or system level. It uses command modules from within the web browser to perform requested attacks against the system.

            Project details

            74

            Metasploit Framework

            Introduction

            Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

            Project details

            Metasploit Framework is written in Ruby.

            Strengths and weaknesses

            • + More than 400 contributors
            • + More than 9000 stars
            • + Many maintainers
            • + The source code of this software is available
            • + Supported by a large company
            • + Well-known tool

              Typical usage

              • Penetration testing
              • Security assessment
              • Vulnerability scanning

              Metasploit Framework review

              60

              Pupy

              Introduction

              Pupy is an open source remote administration and post-exploitation tool. It is mainly written in Python and works Androi, Linux, macOS, and Windows.

              Project details

              Pupy is written in Python.

              Strengths and weaknesses

              • + The source code of this software is available

                Typical usage

                • Penetration testing
                • Security assessment

                Pupy review

                64

                RouterSploit

                Introduction

                RouterSploit is a framework to exploit embedded devices such as cameras and routers. It can be used during penetration testing to test the security of a wide variety of devices. RouterSploit comes with several modules to scan and exploit the devices. The tool helps in all steps, like from credential testing to deploying a payload to perform an exploitation attempt.

                Project details

                RouterSploit is written in Python.

                Strengths and weaknesses

                • + More than 50 contributors
                • + More than 6000 GitHub stars
                • + The source code of this software is available

                  Typical usage

                  • Penetration testing
                  • Self-assessment
                  • Software testing
                  • Vulnerability scanning

                  RouterSploit review

                  85

                  Ruler

                  Introduction

                  The main aim for this tool is abusing the client-side Outlook features and gain a shell remotely.

                  Project details

                  Ruler is written in Golang.

                  Strengths and weaknesses

                  • + The source code of this software is available

                    Typical usage

                    • Penetration testing
                    • Security assessment

                    Ruler review

                    89

                    sqlmap

                    Introduction

                    The sqlmap is a well-known tool with an amazing number of GitHub stars (10,000+). It is used by many security professionals around the world to test the security of both web applications and the database that stores the data.

                    Project details

                    Some relevant tool missing as an alternative to AutoSploit? Please contact us with your suggestion.