This week, HDMoore of Metasploit and OSVDB moderators discussed cross-reference support for each product. As many are now seeing, Metasploit has a search module that allows for fast searches by a number of external references, including OSVDB.
On the OSVDB side, we now support a ‘Metasploit ID’ that currently uses the corresponding OSVDB ID to link and auto-search their database. Based on our testing, this is working great and offers cross-references to 400 Metasploit exploit modules! At the risk of pre-empting HDMoore, I am happy to announce that this is only the first step in the support each project will offer.
In the coming weeks, Metasploit will migrate to a numeric ID scheme to catalog their exploit archive. Each exploit will have it’s own page with what you see now, plus a lot more. With those unique IDs, OSVDB will change the way we link to Metasploit so there is a 1:1 mapping between projects. This will allow us to have accurate coverage for 100% of the Metasploit modules. When this happens, we will display these links under “Tools & Filters” instead of “References” along with a Metasploit logo.
If you weren’t aware, HDMoore created the concept of OSVDB and participated in the original design (~ Aug 2002). That means he has been supporting OSVDB for over seven years now. We’re pretty sure that means we owe him a beer.