WMAP allows us to add our own modules. This could be modules from the MSF or we can make our own module entirely from scratch. Let's use an example of the SSL module. The following screenshot shows that we have two modules that are currently being used by WMAP:
We can add another SSL-based scanner module as well (apart from the SSL Labs modules that are available in the MSF):
- We will use the ssllabs_scan module, which will perform an SSL scan using Qualys SSL Labs' online SSL scanner via the public API provided by Qualys:
- We now edit the source code of this module so that we can add the necessary library and methods that can be used in the scan:
- We add the following line below the MetasploitModule class:
include Msf::Auxiliary::WmapScanSSL
The aforementioned WMAP library provides methods for WMAP SSL scanner modules that are included...