DEV Community

Brian

I want to re-write metasploit? Really?

I've had a flurry of app ideas and notions I want to put to code recently. I've been hitting the bits hard sharpening my Python skills. I'm developing some Scrapy-based web scrapers for a few APIs I want to make public, and I'm learning Dart/Flutter because I want to write a mobile app to consume the aforementioned APIs I'm developing. JavaScript is a constant learning process, and Node.js seems to be a requirement or preference in nearly every modern project; however, I can't look at JavaScript/Node.js the same after learning about TypeScript -- ARGH!

None of that's the point of this post, though. I've had a business need on several occasions to perform network (IP/service) discovery and dump that information so it can be mangled and jangled in many different ways. I've not found a single FOSS IPAM solution that lets me do discovery, delta tracking over time, and the ability to annotate discovered hosts and services.

DigitalOcean released software called Netbox that is wonderful, only... there's no discovery, and basic service management. Netbox does have a wonderful API that I could potentially use for discovery, only the inability to manage and handle network deltas and services really limits the use case of this otherwise brilliant software.

You know what does network asset management well? Metasploit. Metasploit is a penetration testing tool; you know what else it does really freaking well? Asset management. I have several databases I keep; I scan work things, home things, other things... Metasploit does a great job of handling my scans and updating discovery. Metasploit, while a community edition does exist, is meant to be a tester's tool. What I need is a management tool.

So... I'm considering using other projects to cobble together a solution to handle discovery, deltas, and presentation. Projects like nmap and masscan handle discovery very well, and export data in nearly any format I need. I could easily set up a 0MQ/MQTT system that handles regular scans, triggers in-depth scans, and generally manages discovery. I figure a graph database (neo4j?) to handle relationships, paired with a document database (I love Elasticsearch) for metadata, use Django or Meteor as a framework, and I might just have an interesting project on my hands.
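The delta-tracking step described above, as an added example that is not part of the original post: it diffs the open services in two nmap XML (`-oX`) results. The scan data is constructed, and the function names `open_services` and `scan_delta` are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed samples shaped like `nmap -oX` output, trimmed to the elements
# used below; addresses come from the RFC 5737 documentation range.
SCAN_OLD = """<nmaprun>
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
 <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
</ports></host>
<host><status state="up"/><address addr="192.0.2.20" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="3306"><state state="open"/><service name="mysql"/></port>
</ports></host></nmaprun>"""
SCAN_NEW = """<nmaprun>
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
 <port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
 <port protocol="tcp" portid="8080"><state state="open"/><service name="http-proxy"/></port>
</ports></host>
<host><status state="up"/><address addr="192.0.2.30" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="23"><state state="open"/><service name="telnet"/></port>
</ports></host></nmaprun>"""

def open_services(xml_text):
    """Return {ip: {(proto, port): service}} for open ports on hosts that are up."""
    inventory = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None or host.find("status[@state='up']") is None:
            continue
        services = inventory.setdefault(addr.get("addr"), {})
        for port in host.iter("port"):
            if port.find("state[@state='open']") is not None:
                svc = port.find("service")
                name = svc.get("name", "unknown") if svc is not None else "unknown"
                services[(port.get("protocol"), int(port.get("portid")))] = name
    return inventory

def scan_delta(old_xml, new_xml):
    """Diff two scans: hosts that came or went, services opened or closed."""
    old, new = open_services(old_xml), open_services(new_xml)
    delta = {"hosts_added": sorted(new.keys() - old.keys()),
             "hosts_removed": sorted(old.keys() - new.keys()),
             "services_opened": [], "services_closed": []}
    for ip in sorted(old.keys() & new.keys()):
        for key in sorted(new[ip].keys() - old[ip].keys()):
            delta["services_opened"].append((ip, *key, new[ip][key]))
        for key in sorted(old[ip].keys() - new[ip].keys()):
            delta["services_closed"].append((ip, *key, old[ip][key]))
    return delta
```

Calling `scan_delta(SCAN_OLD, SCAN_NEW)` returns the delta as a dictionary. A host listed under `hosts_removed` was only absent from the newer scan, so it may simply have been down at scan time.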

Now I'm in the dilemma of "should I do this?" - I have other projects I can be working on, and I'd like to find a project that actually pays. This project could be interesting, and hopefully helpful to other admins.

I guess we'll see.

Update:
Here are some more resources for IPAM:
https://alternativeto.net/software/netbox/?license=opensource
https://en.wikipedia.org/wiki/IP_address_management
https://github.com/kahun/awesome-sysadmin#service-discovery
https://www.g2crowd.com/categories/service-discovery
https://arcentry.com/api-docs/

Photo by Markus Spiske

Top comments (2)

Mikkel D.

I'm gonna point out the obvious here.

You'll need to prioritize your projects. You mentioned that you've needed such a tool on several occasions; if the amount of use you'll get out of this project is larger than the others (which might just be for fun or interest), then I think you should do it. How large that project is, is also a factor. If you could make something fun or useful quickly, then do that.

Ben Halpern

Now I'm in the dilemma of "should I do this?"

Can you go back to talking about the original project? The why... To me the implementation details might have clouded the original intent (or at least my understanding of it 😋)