AutoSploit alternatives
Looking for an alternative tool to replace AutoSploit? During the review of AutoSploit we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.
Top 3
- arpag (automatic exploiting tool)
- Infection Monkey (security testing for data centers and networks)
- Leviathan Framework (mass audit toolkit)
These tools are ranked as the best alternatives to AutoSploit.
Alternatives (by score)
arpag
Introduction
Tools like arpag can help with automating penetration tests and security assessments. By testing automatically for a set of exploits, the remaining time can be spend in other areas.
Project details
arpag is written in Python.
Strengths and weaknesses
- + Very low number of dependencies
- + The source code of this software is available
- - No releases on GitHub available
Typical usage
- Penetration testing
- Security awareness
- Service exploitation
Infection Monkey
Introduction
This tool is useful for security assessments to test for weaknesses within the network. By automating the exploitation phase as much as possible, it will help finding any weak targets within the boundaries of the data center.
Project details
Infection Monkey is written in Python.
Strengths and weaknesses
- + More than 25 contributors
- + More than 5000 GitHub stars
- + The source code of this software is available
Typical usage
- Password discovery
- Service exploitation
- System exploitation
Leviathan Framework
Introduction
Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities. The primary reason to use this tool is to do massive scans on many systems at once. For example to include a huge network range, country-wide scan, or even full internet scan.
Project details
Leviathan Framework is written in Python.
Strengths and weaknesses
- + More than 500 contributors
- + The source code of this software is available
Typical usage
- Penetration testing
- Security assessment
- Service exploitation
RemoteRecon
Introduction
RemoteRecon is a post-exploitation framework. It can be used to maintain access to a system without the need to have a whole toolkit on the target system.Project details
RemoteRecon is written in C#.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Offensive security
- Penetration testing
ShellPop
Introduction
During a penetration test, you might have an opportunity to gain shell access to a system. This tool helps with crafting the required type of reverse or bind shell for the task. PopShell also helps with encoding, staging, or switching between different protocols.
Project details
ShellPop is written in Python.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Penetration testing
Bowcaster
Introduction
Bowcaster is a framework to create exploits. It is written in Python and comes with a set of tool and modules to help exploit development.Project details
Bowcaster is written in Python.
Strengths and weaknesses
- + The source code of this software is available
- - No updates for a while
Typical usage
- Exploit development
- Penetration testing
PEDA
Introduction
PEDA is an extension for GDB (GNU DeBugger) to help with the development of exploit code. It can be used by reverse engineers and pentesters.Project details
PEDA is written in Python.
Strengths and weaknesses
- + More than 2000 GitHub stars
- + The source code of this software is available
Typical usage
- Debugging
- Exploit development
- Reverse engineering
SearchSploit
Introduction
SearchSploit is a small by OffensiveSecurity to search for exploits and related data in the exploit database (Exploit-DB). This may help penetration testers in their security assignments.
Project details
SearchSploit is written in shell script.
Strengths and weaknesses
- + The source code is easy to read and understand
- + Tool is easy to use
- + Used language is shell script
- - Full name of author is unknown
Typical usage
- Information gathering
- Penetration testing
- Service exploitation
- System exploitation
- Vulnerability testing
BeEF
Introduction
BeEF is used by penetration testers to assess the security of a system by leveraging the web browser. This makes the tool different to many other tools, as it ignores the security on network or system level. It uses command modules from within the web browser to perform requested attacks against the system.
Project details
Metasploit Framework
Introduction
Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.Project details
Metasploit Framework is written in Ruby.
Strengths and weaknesses
- + More than 400 contributors
- + More than 9000 stars
- + Many maintainers
- + The source code of this software is available
- + Supported by a large company
- + Well-known tool
Typical usage
- Penetration testing
- Security assessment
- Vulnerability scanning
Pupy
Introduction
Pupy is an open source remote administration and post-exploitation tool. It is mainly written in Python and works Androi, Linux, macOS, and Windows.Project details
Pupy is written in Python.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Penetration testing
- Security assessment
RouterSploit
Introduction
RouterSploit is a framework to exploit embedded devices such as cameras and routers. It can be used during penetration testing to test the security of a wide variety of devices. RouterSploit comes with several modules to scan and exploit the devices. The tool helps in all steps, like from credential testing to deploying a payload to perform an exploitation attempt.
Project details
RouterSploit is written in Python.
Strengths and weaknesses
- + More than 50 contributors
- + More than 6000 GitHub stars
- + The source code of this software is available
Typical usage
- Penetration testing
- Self-assessment
- Software testing
- Vulnerability scanning
Ruler
Introduction
The main aim for this tool is abusing the client-side Outlook features and gain a shell remotely.
Project details
Ruler is written in Golang.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Penetration testing
- Security assessment
sqlmap
Introduction
The sqlmap is a well-known tool with an amazing number of GitHub stars (10,000+). It is used by many security professionals around the world to test the security of both web applications and the database that stores the data.
Project details
Some relevant tool missing as an alternative to AutoSploit? Please contact us with your suggestion.