Comment Iv'e played with a few of these. (Score 4, Informative) 55
Granted, i don't consider myself to be in a proper position to write a review of them. However, a few points:
* Most of these are completely outdated, and easily miss newer security holes. (maybe apart from CORE, which is a commercial and expensive scanner).
* They are loud and noisy, and due to using well-known shellcode and attack patterns extremely prone to setting off IDS systems.
* They are, in comparison to Nmap + version scan + personal archive of public exploits, very slow.
Simply spidering public exploits off archive sites (milw0rm, packetstorm, etc...) and using custom shellcode (even without using tricks like polymorphism) would in my opinion result in much, much higher efficiency compared to using any of these programs.
* Most of these are completely outdated, and easily miss newer security holes. (maybe apart from CORE, which is a commercial and expensive scanner).
* They are loud and noisy, and due to using well-known shellcode and attack patterns extremely prone to setting off IDS systems.
* They are, in comparison to Nmap + version scan + personal archive of public exploits, very slow.
Simply spidering public exploits off archive sites (milw0rm, packetstorm, etc...) and using custom shellcode (even without using tricks like polymorphism) would in my opinion result in much, much higher efficiency compared to using any of these programs.
