Project Sonar is a community effort to measure, analyze, and assess security issues affecting the public internet. The project outputs include mass-scanning tools, public datasets, and analysis utilities. Data from this project is being shared through the University of Michigan’s Scans.IO portal.
The Metasploit Framework is the leading open-source exploit platform used for professional penetration testing and security research. Metasploit provides a modular platform for exploit and security tool development, protecting against bit rot, and allowing old modules to leverage new features as they are added to the framework. In addition to the BSD-licensed framework, Rapid7 sells two commercial penetration testing products, Metasploit Express and Metasploit Pro.
WarVOX is a pure-software wardialing platform that combines VoIP dialing with FFT-based fingerprinting and audio analysis. The result is a system that can fingerprint modems, fax machines, voice systems, error messages, and even specific voices. WarVOX requires an IAX2-compatible VoIP service, but can talk to commercial SIP providers through a local Asterisk or FreeSwitch gateway.
The Critical.IO project was designed to uncover large-scale vulnerabilities across the global IPv4 internet. The project scanned 18 ports (14 TCP, 4 UDP) across the entire IPv4 address space between February 2012 and March 2013. The data obtained from this project has already yielded useful research into UPnP vulnerabilities and continues to be analyzed. The complete dataset from this project is now available at Scans.IO.
Month of Browser Bugs
The Month of Browser Bugs (MoBB) project was an attempt to shine a light on web browser security. The project spanned the month of July in 2006 and demonstrated over 30 unique vulnerabilities across all major web browsers.
AxMan ActiveX Fuzzer
The (now offline) Decloak.net web site demonstrated techniques for identifying the real IP of a web visitor, even when anonymizing proxies were in use. This demo used a unique ID to correlate incoming traffic over multiple protocols, leveraging browser plugins and DNS information leaks to identify as much information about the visitor as possible. Most of the techniques have since been accounted for in popular anonymizing services.
The Metasploit OpcodeDB was a web-based search engine for identifying useful return addresses across all major versions of Microsoft Windows. This project was used heavily between August 2003 and late 2007. The OpcodeDB is no longer relevant given the widespread adoption of exploit mitigations such as SafeSEH, NX, and ASLR, but it helped sow the seeds for future ROP-based engines.