The first mention of the name of this tool and I thought that it must be another of those kiddie tools! But, then you kind of seem to like this tool. This tool can be considered as an add-on for other professional tools like Metasploit, Core Impact, etc.
The good thing about this application is that it uses lesser dependencies than most tools as it just ‘acts like a GUI’ for other compiled, uncompiled exploits. It does not need a huge package to be downloaded. Just wget the latest version to your pen drive and you are set to use this tool. The author mentions-’The aim of creating winAUTOPWN is not to compete with already existing commercial frameworks like Core Impact (Pro), Immunity Canvas, Metasploit Framework (freeware), etc. which offer autohacks, but to create a free, quick, standalone application which is easy to use and doesn’t require a lot of support of other dependencies.’
Newer exploit modules are added as and when they release and older ones are also being daily added. Support for all them exploits – PERL, Python, etc is added too.
You can also use this tool as a port scanner if you want to, by using the ‘-skipscan‘ command line option. Using this option will make winAUTOPWN read OpenPorts.TXT directly.
winAUTOPWN Features :
- Contains already custom-compiled executables of famous and effective exploits alongwith a few original exploits.
- No need to debug, script or compile the source codes.
- Scans all ports 1 – 65535 after taking the IP address and tries all possible exploits according to the list of discovered open ports (OpenPorts.TXT)
- PortScan is multi-threaded.
- Doesn’t require any Database at the back-end like msf
- Can be also be used to test effectiveness of IDS/IPS
- Launched exploits are independent and doesn’t rely on service fingerprinting (to avoid evasion, if any)
Download the latest version 1.7 here.
UPDATE: Seems like the authors website keeps going up and down. For that reason, we have uploaded winAUTOPWN_1.9_Unpolished_Sita_16Apr2009.RAR here.
Related Blogs
- Related Blogs on Metasploit
- Metasploit | Room362.com
- New Metasploit Meterpreter Scripts « Security Aegis
- Computer Security Research – McAfee Avert Labs Blog
- Related Blogs on Penetration Testing
- ml0-320 | Download Free latest Actualtests Certification Exam …
- How to choose a Pen Tester « Steven Branigan’s Blog
- Top Tools For Penetration Testing (Security Analysis/Hacking …
- Related Blogs on winAUTOPWN
- Zafer Y?lmaz – IT Güvenli?i ve Güncel Teknolojiler » Blog Archive …
winAUTOPWN, thick client security testing metasploit, winautopwn download
Comments on this entry are closed.