I stumbled upon the Metasploit project last night.
“Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals.”
Basically, it’s an exploit framework that makes it very easy to run exploits against local and remote systems with a chosen payload, such as a remote shell or reverse VNC session. It comes with a library of exploits for all sorts of OSes and software, even SCADA.
Another interesting note is that the Metasploit framework is written in Ruby and has several user interfaces, including a command line, a GTK GUI, and a Rails web interface.
