Pretty well really.
A front end isn’t really targeting established professionals who are just going to automate what they do themselves, if freelance charge for it, if part of a company put it in the DSL and schedule it with SOAR or similar.
If you made a nice open source project that would certainly be welcome for some folks, but it would need a lot of steam behind it to be tested, used, governed enough for commercial or widespread use. It’s likely better to join a project first than build your own.
If you’re looking to build something commercial? Go get ‘em Tiger! 🙂
Or rather don’t, take a look at Core Impact’s story (potted for you below from our good pal Aye-Aye…) Once the top tier framework, if you could afford it, if not metasploit etc - it’s now folded into Forta, which buys past it’s prime software folk are using and maintains it for a fee.
You might be a rare genius with 100% of you time to donate for free, but I fear this market is very saturated with established players.
As John points out maybe doing something with Kali might make sense, but to do something commercially viable I think you’d need to backtrack to a time when the sharks on the wire were still ethereal…
AI summary begins:
Core Impact is a penetration testing software developed by Core Security, which has undergone numerous changes and developments since its inception:
- **Founding**: Core Security was founded in 1996 in Buenos Aires, Argentina. Initially focusing on security consulting, it soon branched into software solutions.
- **Early Development**: In 2000, Core Security established its first U.S. office in New York, NY. By 2002, they released the first and second versions of Core Impact Pro, their flagship penetration testing product. This period marked the company's early foray into automated penetration testing solutions, designed to mimic real-world cyber attacks.
- **Growth and Acquisitions**:
- In 2002, Morgan Stanley invested in Core Security, becoming a shareholder.
- The company moved its U.S. headquarters to Boston, MA, in 2003.
- Throughout the 2000s, Core Security expanded its offerings, with significant updates and partnerships like the one with nCircle in 2012.
- **Ownership Changes**:
- In 2015, Core Security was acquired by Courion, an identity and access management company. Courion rebranded to Core Security in 2016.
- In 2016, Core Security acquired Damballa for $9 million, expanding its capabilities in threat detection.
- A merger with SecureAuth occurred in 2017.
- By February 2019, HelpSystems acquired the Core Security products from SecureAuth, and in 2022, HelpSystems rebranded to Fortra.
- **Product Evolution**: Core Impact has evolved from a tool focused primarily on network penetration testing to one that includes testing for web applications, endpoints, and even IoT devices. It's now known for its comprehensive penetration testing capabilities, with features like automated exploit updates, a user-friendly interface, and integration with other security tools. Core Impact has been praised for its ability to simulate real-world attacks, helping organizations understand their security posture against modern cyber threats.
- **Recognition**: Over the years, Core Impact has received multiple accolades, including the 2014 Readers' Choice Awards for "Excellence in Vulnerability Management" from Information Security Magazine and SearchSecurity.com.
- **Current Status**: As of the latest updates, Core Impact continues to be developed under Fortra, focusing on providing advanced, automated penetration testing solutions that help security teams uncover vulnerabilities in their environments safely and efficiently.
This summary reflects the journey of Core Impact from its inception to its current state, highlighting significant milestones in its development and ownership.
