AutoSploit Automated Exploit Tool

AutoSploit is a Python-based automated tool for exploiting vulnerabilities in internet-connected devices using two penetration testing tools, Shodan and Metasploit.

Freely available online, AutoSploit allows a remote attacker to quickly and easily target a wide variety of devices using a comprehensive list of exploits. Presently it appears the goal of most attacks is to gain remote code execution capability, although this is likely to change.

Usage of AutoSploit requires little to no specialist knowledge, however, it appears difficult to target a specific subset of devices. Shodan search strings must match the corresponding Metasploit module, with failure to do so will resulting in the module not running. An alternate mode runs every exploit included in the framework against the returned results.

Affected Platforms

Publicly available internet-connected devices.

Abstract cloud storage on white background (done in 3d)


Leave a Reply