artart Posted May 8, 2015 Share Posted May 8, 2015 Hi guys, I am writing a graduation work at the university. Here is the main idea: I need to write a programm that will alow me to do attack modelling for IDS testing. So, let's suppose, I know target OS, open ports and running services (by running nmap, for exaple). Now I'd like to filter exploits (by ports, OS, etc) from Metasploit, that I might use. But I don't know how to do this. Can I make a request to postgresql DB, or exploits don't store there? Or should I use msfconsole instead? I need to write a programm, that would do this automatically taking as input Nmap scan result. For example, in Armitage there is a function Find Atacks. It does what I want, but I need to write something similar by myself. Next step is splitting these exploits by groups and building an attack tree or attack scenarios. After that the programm should run exploits and define, whether they were successfull or not. So, please, help me, if you know answer to one of my quistions. Maybe there is some API for Metasploit, for example for C or Java, it would be much easier to write such programm. Thanks a lot. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.