The following things are required for the December alpha release:

  - rex
X   - post-exploitation
X     - meterpreter
X       - pivoting
X         - portfwd command
    - networking
X     - switch board routing table for pivoting
X     - meterpreter 'comm' support
      - proxy 'comm' support
    - asm
      - block dependencies (req'd for shikata)
      - block permutation generation (req'd for shikata)
    - text
X     - create_pattern, pattern_offset
X     - base64
X     - consider extending String
  - framework-core
    - modules
X     - reloading
X     - compatibility filtering (keys)
X     - description sanitation (strip lines/etc)
    - payloads
X     - meta information
X       - stager/stage calling conventions
X       - stack requirements
X     - make payload prepend target specific
X   - sessions
X     - logging session activity
  - modules needing ports (above other modules)
    - encoders
      - shikata
X   - nops
X     - opty2
    - payloads
      - cmd payloads
X     - mac os x payloads
        - osx null free reverse stager
X     - solaris payloads
X     - bsd payloads
  - user interfaces
    - general
X     - add concept of EVASION option (high, normal, low)
X     - logging improvements
X       - provide log file setting interface
X       - log by default in the LogDir
X   - msfcli
    - msfweb
X   - msfpayload
X   - msfencode
    - msfconsole
      - spawn web-server from within msfconsole (msfweb instance)
      - irb mode
      - running 'msf scripts'
  - testing framework
    - framework core
      - handlers
    - framework modules
      - exploits
      - payloads
      - encoders
      - nops
      - recon
    - framework sessions
      - shell
      - meterpreter
  - documentation
    - rex
    - framework-core
    - framework-base
    - module interfaces

The following things should be implemented both as protocols and as
exploit mixins to encourage code re-use:

  - ftp
  - backup agent protocols
    - CA brightstor
    - Arkeia
  - mssql
  - sunrpc
    - xdr
  - jbase
  - oracle

Things that would be useful to have completed, but not a requirement:

  - rex
    - exploitation
      - format string generator
      - opcodedb client (return addr pooling)
    - networking
      - msfd 'comm' support
  - modules
    - payloads
      - implement 'reliable' stagers with a higher rating so that if
        there is enough room, reliable stagers can be used
    - recon
      - basic range/port scanner
      - basic service identifier
      - basic OS fingerprinting
  - framework-core
    - handler sharing
      - exploits using the same payload/handler can share (ref count)
  - framework-base
    - event correlation
      - recon events correlations
  - user interfaces
    - msfd
      - daemon interface, provides command line interaction and proxying
      - support authentication
      - support SSL