SecurityForest's Exploitation Framework is similar in concept to the open-source Metasploit Framework (http://www.metasploit.com
) and the commercial offerings such as Immunity's CANVAS (http://www.immunitysec.com
) and Core Security Technology's Impact (http://www.corest.com
The major difference between the above mentioned frameworks and the SecurityForest Exploitation Framework is that it leverages the massive amount of exploits available in the ExploitTree. These exploits are publically available and do not have to be re-written to be used in the framework (no matter what language and sometimes no matter what OS).