MSF eXploit Builder – Free Win32 Exploit Development Platform


The MSF eXploit Builder (MSF-XB) is a free win32 application (GUI) that wants to be an Exploit Development Platform. The main goal is to speed up the exploit development process, this is accomplished by using the powerful functionalities and neat design of The Metasploit Framework.

MSF eXploit Builder - Free Win32 Exploit Development Platform


MSF-XB automatically generates MSF compliants exploits modules.

What is an Exploit

An exploit (from the English verb to exploit, meaning “to use something to one’s own advantage”) is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). Such behavior frequently includes things like gaining control of a computer system, allowing privilege escalation, or a denial-of-service (DoS or related DDoS) attack.

From: Wiki

MSF Exploit Builder Development Platform

The MSF-XB package also includes for your convenience:

Fuzzers

  • TAOF, The Art Of Fuzzing v0.3.2
  • ProxyFuzz v0.1, Rodrigo Marcos
  • FileFuzz v1.0.2510.28439, iDefense
  • FTPfuzz v1.0, Infigo
  • WinFuzz v1.0.0.1, Fakehalo

Handy Tools

  • Findjmp2, Class101
  • branchseeker
  • Faultmon
  • mycrc
  • Sysinternals (Microsoft) PStools
  • wget.exe, GNU
  • xCmd (remotexec clone)
  • nc.exe
  • A local database of opcodes/return addresses (Cross-platforms, 10 locales, fast and reverse queries)
  • An ASCII table
  • A lot of converters (Ascii, Hex, Byte, Unicode …)
  • Malcode Analyst Pack v0.2
  • Process Stalker, iDefense

MSF Exploit Builder Requirements

  • Please edit and customize the MSF-XB.INI file
  • MSF-XB requires the Metasploit Framework installed to work properly (http://www.metasploit.com ): Version 3 is recommended
  • MSF-XB requires a debugger to be installed (Immunity Debugger)

You can download MSF eXploit Builder here:

MSF-XB.EXE (No longer Available) (84Mb)

MD5 41e83b8cb8d60d689bff191eb7842fc1
SHA1 1cb0e457c9fa59da8f147a96afb9c1a056a4e655

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking

, , , ,


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


7 Responses to MSF eXploit Builder – Free Win32 Exploit Development Platform

  1. Goodpeople December 6, 2007 at 10:58 am #

    I’ll leave the exploit building to the people that are good at it. I’m not a researcher. I teach security specialists.

  2. James December 6, 2007 at 6:44 pm #

    This is going to save me so much time.

  3. CG December 7, 2007 at 2:01 pm #

    its a good tool and Jerome put alot of work into it. there is also a video and paper on how to use it on his site, very good stuff

  4. net2004eng December 7, 2007 at 4:52 pm #

    This is way cool!!!

    This is perfect for people not only attempting to learn what the bundled exploits in MSF do, but also – of course – for those people who are actively developing exploits. Another major piece to this is that it is a Windows based tool as well…

    Hats off to the developers!

  5. Pantagruel December 7, 2007 at 9:29 pm #

    After toying with MetaSploit, this is definitely going to get tested. I just can’t help it, curious by nature. Furthermore it will come in handy for all my Windows bound colleagues who still thing my penguin to be a fluffy toy.

  6. Sir Henry December 14, 2007 at 5:17 pm #

    I agree with Pantagruel. The curiosity here is paramount and intoxicating. Although I am not someone who normally looks to craft exploits (not for lack of want), but this is something with which I shall have to experiment. I just need to get Windows on a system somewhere.

  7. fak3r December 14, 2007 at 6:25 pm #

    This is hilarious, I need to see if it’ll run under Wine! If not I may slap VirtualBox on Linux to play with this. What’s next, an Eclipse plugin for Metasploit? Too fun!