VirusTotal is owned by Google and computer users can upload virus samples to the database in order to find out if they have been detected by any of the various anti-virus engines.
CANVAS is developed by Immunity, a company that was set up by former NSA hacker Dave Aitel and then sold to Cyxtera Technologies in 2019. Aitel left the company at the end of 2020.
Early in his career, Aitel used to sell zero-day exploits. The leaked version of CANVAS is 7.26 and is dated about September 2020.
On Tuesday, as iTWire reported, a working exploit for Spectre, a hardware vulnerability, on Linux systems, was found by a French researcher Julien Voisin. This also appears to have come from Immunity and was being referred to by Balci.
He also posted screenshots of the CANVAS interface, adding in another tweet: "The framework code quality is awesome. Since it got leaked, Immunity should make it open source :).
"It would be great to have a Python alternative to Metasploit. Selling new modules can also be a sufficient business model."
Metasploit is a free exploit development framework created by veteran researcher H.D. Moore. While similar to CANVAS, it has been rewritten in Ruby, after having been initially written in Perl.
The leaked version of CANVAS is also available on a Telegram chat group and on the Raidsforum.