A while ago we tried to identify a core toolset that every pentester should start with or couldn’t live without. The first article focused on
Nmap, The second on our list is none other than the exploit framework
Metasploit. Instead of reinventing the wheel with Metasploit guides we decided to take all the disparate info on using Metasploit and put it into one place, starting from the basics all the way to advanced testing.
Here’s what I reference all the time, is new, I think is cool, or have yet to forget regarding Metasploit… and I’m still probably missing a ton of cool stuff.
If you like this content a lot of it comes from authors of the book (see below) or people promoting
Hackers for Charity… so go donate a few bucks and help Johnny Long enrich some kids lives and also buy the book and help Dave Kennedy put his kids through college (I actually don’t know if he has kids =P)
First off, read this:
It’s really good… No, seriously, go get it now…
Index of content:
- Metasploit Unleashed:
- The Metasploit Megaprimer (on SecurityTube.net):
- The Offensive Security Ohio Chapter Metaploit/Pentesting Class (recorded by Security Justice podcast):
- Chris Gates on Auxillary Scanners and Rob Fuller on Metasploit Magic:
- Ryan Lynn on Metasploit Tips and Tricks:
- Metasploitable and Walkthroughs by G0tMi1k
- Defeating Exploit Defenses and Porting Exploits to Metasploit by Dino Dai Zovi:
- MiTM Attacks with Metasploit:
- Extending and Automating in Metasploit:
- Other Metasploit Goodies:
- Neurosurgery with Meterpreter (by Colin Ames of Attack Research):
- Beyond Exploits: Real World Penetration Testing:
- Metasploit for Web Attacks:
- The Louisville Metasploit Class (on Irongeek.com):
I recommend to read the full article if you are Metasploit fun, you can read it here
No hay comentarios:
Publicar un comentario