Yes. Have a look at Tiger: http://savannah.nongnu.org/projects/tiger/. There are also much more active solutions. Specifically, take a look at http://en.wikipedia.org/wiki/Metasploit_Project. With Metasploit you can explore your entire network and try to break into it. I saw a great presentation on this framework and while it's complex and the learning curve is high the stuff is fascinating.
Basically, let's say you have a mixed Windows/UNIX network with a single UNIX-like web server and a strict firewall. Metasploit will automate looking for vulnerabilities on the exposed web server ranging from known shell and SQL injection attacks to straight-up buffer overflow attacks on system services. It will then automate deploying remote exploit, then a local exploit to get root, and opening up a shell connection to the broken server (can tunnel traffic through a variety of methods including DNS). It will then help you scan the rest of the network from this newly rooted machine, doing the same thing.
The takeaway is that once you get any access to any Windows machine, you've owned the entire network because there is usually at least one local root exploit on Windows and then it takes minutes to crack the admin password. After that, you better pray that each machine has a different admin password, or else it's game over.
EDIT: BTW, the presenter had some fun ideas/suggestions for what a person breaking into the machine might do:
* Take a picture of the user using the web cam and set it as the desktop background.
* Take a screenshot and set it as the background.
* Play the sounds recorded through the mic to the speakers.
"This same tool has now been resurrected and there is ongoing development in order to make it useful for newer versions of the UNIX operating systems it supported."
Basically, let's say you have a mixed Windows/UNIX network with a single UNIX-like web server and a strict firewall. Metasploit will automate looking for vulnerabilities on the exposed web server ranging from known shell and SQL injection attacks to straight-up buffer overflow attacks on system services. It will then automate deploying remote exploit, then a local exploit to get root, and opening up a shell connection to the broken server (can tunnel traffic through a variety of methods including DNS). It will then help you scan the rest of the network from this newly rooted machine, doing the same thing.
The takeaway is that once you get any access to any Windows machine, you've owned the entire network because there is usually at least one local root exploit on Windows and then it takes minutes to crack the admin password. After that, you better pray that each machine has a different admin password, or else it's game over.
EDIT: BTW, the presenter had some fun ideas/suggestions for what a person breaking into the machine might do:
* Take a picture of the user using the web cam and set it as the desktop background.
* Take a screenshot and set it as the background.
* Play the sounds recorded through the mic to the speakers.