AutoSploit is a Python-based automated tool for exploiting vulnerabilities in internet-connected devices using two penetration testing tools, Shodan and Metasploit.
Freely available online, AutoSploit allows a remote attacker to quickly and easily target a wide variety of devices using a comprehensive list of exploits. Presently it appears the goal of most attacks is to gain remote code execution capability, although this is likely to change.
Usage of AutoSploit requires little to no specialist knowledge, however, it appears difficult to target a specific subset of devices. Shodan search strings must match the corresponding Metasploit module, with failure to do so will resulting in the module not running. An alternate mode runs every exploit included in the framework against the returned results.
Publicly available internet-connected devices.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.