I spent an hour playing with Metasploit 3.0 beta 2 today to prepare for some server hardening chores ahead, a task I've always depended on others to do for me. Since it's for my own projects and I don't have any employees, I am it. Besides, I don't think many IT guys have Metasploit in their hardening procedure…yet.
Anyway, Metasploit looks neat. I am rather disappointed with the list of available public exploits though. Is there an 'exploit bank' I need to withdraw from? Also, it seems hideously tedious to use, check, and launch exploits. I want a GUI app that allows me to select exploits without typing, fill in a form, save as an exploit instance, optionally drag-n-drop it into an attack suite, then launch it either in parallel to ongoing attacks or into an execution queue.
Maybe msfwx is suppose to do this but I couldn't get it to run (complained about not having wxruby). Only copy of wxruby I could find was wxruby2-preview but apparently that doesn't satisfy msfwx in beta 2.

Tags: ,