The following things are required for the December alpha release: - testing - framework core - handlers - framework modules - exploits - payloads - encoders - nops - recon - framework sessions - shell - meterpreter - rex - post-exploitation - meterpreter - pivoting - networking - switch board routing table for pivoting - meterpreter 'comm' support - proxy 'comm' support - asm - block dependencies (req'd for shikata) - block permutation generation (req'd for shikata) - text - create_pattern, pattern_offset - base64 - consider extending String - framework-core - modules - reloading - compatibility filtering (keys) - description sanitation (strip lines/etc) - payloads - meta information - stager/stage calling conventions - stack requirements - make payload prepend target specific - sessions - logging session activity - handler sharing - exploits using the same payload/handler can share (ref count) - modules needing ports (above other modules) - encoders - shikata - nops - opty2 - payloads - mac os x payloads - solaris payloads - bsd payloads - user interfaces - general - add concept of EVASION option (high, normal, low) - logging improvements - provide log file setting interface - log by default in the LogDir - msfcli - msfweb - msfpayload - msfencode - msfconsole - spawn web-server from within msfconsole (msfweb instance) - irb mode - running 'msf scripts' The following things should be implemented both as protocols and as exploit mixins to encourage code re-use: - ftp - backup agent protocols - CA brightstor - Arkeia - mssql - sunrpc - xdr - jbase - oracle Things that would be useful to have completed, but not a requirement: - rex - exploitation - format string generator - opcodedb client (return addr pooling) - networking - msfd 'comm' support - modules - payloads - implement 'reliable' stagers with a higher rating so that if there is enough room, reliable stagers can be used - recon - basic range/port scanner - basic service identifier - basic OS fingerprinting - framework-base - event correlation - recon events correlations - user interfaces - msfd - daemon interface, provides command line interaction and proxying - support authentication - support SSL