Request, Support, Ideas or New updates. Access the Immunity CANVAS forum.
Immunity CANVAS Professional
Immunity's CANVAS makes available hundreds of exploits, an automated exploitation system, and a comprehensive, reliable exploit development framework to penetration testers and security professionals worldwide. To see CANVAS in action please see our movies.
CostLicense:
Current Price: $1450
- one license allows up to 10 users/installations
- includes one quarter of standard monthly updates and support
- unrestricted (no target IP address limitations)
- full source code
- Your use of CANVAS Professional does not expire when your support
period is over.
Standard Monthly Updates and Support: $2920 for 1 year
Early Updates and Support: $35,980 for 1 year
Supported Platforms and Installations
- Windows (requires Python & PyGTK)
- Linux
- MacOSX (requires PyGTK)
- All other Python environments such as mobile phones and commercial
Unixes (command line version only supported, GUI may also be available)
Architecture
- CANVAS Professional's completely open design allows a team to adapt
CANVAS Professional to their environment and needs.
Documentation
- all documentation is delivered in the form of demonstration movies
- exploit modules have additional information windows
Exploits
- currently over 370 exploits, an average of 4 exploits added every
monthly release
- Immunity carefully selects vulnerabilities for inclusion as CANVAS
exploits. Top priorities are high-value vulnerabilities such as remote,
pre-authentication, and new vulnerabilities in mainstream software.
- Exploits span all common platforms and applications
Payload Options
- to provide maximum reliability, exploits always attempt to reuse socket
- if socket reuse is not suitable, connect-back is used
- subsequent MOSDEF session allows arbitrary code execution, and
provides a listener shell for common actions (file management,
screenshots, etc)
- bouncing and split-bouncing automatically available via MOSDEF
- adjustable covertness level
Exploit Delivery
- regular monthly updates made available via web
- exploit modules and CANVAS engine are updated simultaneously
- customers reminded of monthly updates via email
Exploit Creation Time
- exploits included in next release as soon as they are stable
Effectiveness of Exploits
- all exploits fully QA'd prior to release
- exploits demonstrated via flash movies
- exploit development team available via direct email for support
Ability to make Custom Exploits
- unique MOSDEF development environment allows rapid exploit development
Product Support and Maintenance
- subscriptions include email and phone support M-F 9am - 5pm EST, directly with development team
- minimum monthly updates
Development
- CANVAS is a platform that is designed to allow easy development of
other security products. Examples include
Gleg, Ltd's VulnDisco
and the Argeniss
Ultimate 0day Exploits Pack.