- Joined
- May 15, 2017
- Messages
- 981
- Likes
- 760
- Points
- 1,045
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been selected to facilitate Remote Code Execution and to attempt to gain Reverse TCP Shells and/or Meterpreter sessions. Workspace, local host and local port for MSF facilitated back connections are configured by filling out the dialog that comes up before the exploit component is started
Operational Security Consideration:
Receiving back connections on your local machine might not be the best idea from an OPSEC standpoint. Instead consider running this tool from a VPS that has all the dependencies required, available.
The new version of AutoSploit has a feature that allows you to set a proxy before you connect and a custom user-agent.
Installation
Installing AutoSploit is very simple, you can find the latest stable release here. You can also download the master branch as a zip or tarball or follow one of the below methods;
Docker Compose
Using Docker Compose is by far the easiest way to get AutoSploit up and running without too much of a hassle.
Download AutoSploit