Package Base Details: mad-metasploit-git

Git Clone URL: https://aur.archlinux.org/mad-metasploit-git.git (read-only)
Keywords: metasploit modules msf netsec offensive pentest redteam security
Submitter: GI_Jack
Maintainer: GI_Jack
Last Packager: GI_Jack
Votes: 0
Popularity: 0.000000
First Submitted: 2019-03-25 02:05
Last Updated: 2019-08-09 00:00

Latest Comments

madmetafail commented on 2019-08-14 17:00

avoid this junk on: https://github.com/hahwul/mad-metasploit

the crybaby puts his/her software up on the net on sites that allow 'review' feedback etc and just coz ya don't like what someone has to say or a 'concern' about your 'software' you then censor those 'complaints' ya do that here on github and ya do it on AUR

so right there for anyone following this is a 'red flag'

if ya can't handle someone saying they think something might be wrong with your 'software' then why even put it up online in public domain? let alone software that you install into a pentesting framework?

my legit complaint or 'concern' for this software is simple: i would not use it even if the code comes back 'clean' simply because of the way the author's site is built, the fact software can call out and then later on compromise your security

rapid 7 is legit, completely gone over by people from all over the world, they let folks 'complain' or allow questioning of their software, real feedback from their community, that's the first sign of someone or a company or software 'author' being legit, welcoming the feedback even if they don't like it and then not censoring it, github and the AUR have both pulled down comments i made and the first comment was bascially saying 'this might be legit but here's my concern' then the 'author' got abusive on AUR, used 'distraction' to avoid the initial concern and even stated they did not have anything to do with the website behind this software

so that right there is a concern, why would this get censored on github, then AUR and yet you take the time to put a PKGBUILD together put it up on the AUR and ya don't have anything to do with the website?

my opinion is this: when ya got to ask a question on something being 'legit' there's a good chance it isn't, nobody asks if the tires on their vehicles are round

avoid this junk, see how long this stays up, before this 'hacker' cries to github and pulls it down

https://aur.archlinux.org/packages/mad-metasploit-git/

right click on this page: https://www.hahwul.com/p/mad-metasploit.html

then view source and ask yourself if you want to install a package that is from a datamining bloat html css code website, coz why would this then be any different?

apples don't fall far from the trees, amiright?

then ask yourself? why choose a name that is 'popular' by a legit pen testing company, rapid7, get your app all over the google top searches coz your name of your 'app' basically rides on the 'metasploit' name/brand, post a github account up show up in the top url searches from google, and have a pentest package install into metasploit direct, look through the packages, look how they are arranged and named, it's a lot of 'obfuscation' with some legit packages from elsewhere online

thank goodness yer not on Windows right? lol ;)

enjoy your surveillance, have a good day