| Additional Information | plz add COBALT STRIKE!!!!!!
Exploitation 101
Cobalt Strike's graphical user interface offers direct control of the 1,000+ exploits and advanced features in the open source Metasploit® Framework. Cobalt Strike imports vulnerability scans from Nessus®, NeXpose®, and Qualys®. Cobalt Strike also launches Nmap® scans, recommends exploits, fires attacks at multiple hosts, and displays targets in an intuitive way. Users of the popular open source Armitage software will love Cobalt Strike.
Package Attacks
Effective social engineering gives someone what they expect. Cobalt Strike adds controllable malware to files. Cobalt Strike creates convincing attacks from:
Adobe PDF Files
Java Applications
MacOS X Applications
Microsoft Office Documents
Microsoft Windows Programs
USB Sticks
Spear Phishing Campaigns
E-mail is the first attack vector in most compromises today. To create a convincing phish, import an existing message into Cobalt Strike. Our message template system will also tailor each email with a target's name and address. Cobalt Strike helps you create believable messages at scale. Attach your malware or link to your Cobalt Strike hosted web drive-by attack.
Web Drive-by Attacks
Clone a website and capture credentials from your victims or exploit their browser--it's your choice. Cobalt Strike's system profiler finds client-side vulnerabilities from a target's browser. With Cobalt Strike, you'll know which attacks to try. If you're in a hurry, Cobalt Strike will select and launch a client-side attack for you.
Post Exploitation
Cobalt Strike is built for post-exploitation. Use the Beacon payload to quietly control a host. Spawn a meterpreter session to grab screenshots, snap webcam pictures, browse files, and interact with a command prompt. Escalate your privileges using modules that take advantage of configuration mistakes and system vulnerabilities. Set up a pivot or use Covert VPN to bridge yourself into the target's network. Abuse stolen tokens and password hashes to attack hosts on an Active Directory domain. Cobalt Strike gives you the tools to go from one compromise to total network control.
Reporting
Cobalt Strike captures every action for reporting purposes. These PDF and MS Word documents reconstruct the penetration test and help you demonstrate risk. Cobalt Strike reports:
reconstruct your engagement in an activity log;
summarize all findings on a host-by-host basis;
list exploited remote vulnerabilities;
show client-side vulnerabilities found by Cobalt Strike;
capture all social engineering activity including who clicked on the red team's links.
Cobalt Strike also provides raw data in XML and TSV formats, useful for internal processing.
Robust Collaboration
Cobalt Strike is a multi-user penetration testing system. Start a team server and connect Cobalt Strike clients from Linux, MacOS X, and Windows. Use the shared event log to know what's happening. Assign host labels to share notes and coordinate actions. All hosts, services, downloaded files, and collected credentials are available to your team. When a team member compromises a host, anyone may control it. It's now trivial to organize your local and distributed teams based on tasks and expertise rather than targets. |
|---|