+

Penetration Testing with Metasploit in Exploiting Software 09/12

October 24, 2012


Penetration Testing with Metasploit in Exploiting Software 09/12Penetration Testing with Metasploit in Exploiting Software 09/12 – Hakin9 Teasers
Penetration Testing with Metasploit in Exploiting Software 09/12

Follow the steps below to download the magazine:
  1. Register, accept the Disclaimer and choose subscription option.
    Attention!
    By choosing the Free Account option you will only be able to download the teaser of each issue.
  2. Verify your account using the verification link sent to your email address.
  3. Check the password sent on your email address and use it to log in.
  4. Click the download button to get the issue.


IMPORTANT: the registration on the website includes subscription to our newsletter.

DEFENSE PATTERN
How to Use Metasploit for Security Defense
By Justin C. Klein Keane
If you’ve ever taken any training about penetration testing, or read almost any book or online article about the trade, you’ve heard of Metasploit. Years ago, before penetration testing was a recognized professional field, exploiting a vulnerability was often an extremely onerous task. Identifying a vulnerability might be as easy as fingerprinting a system then searching public mailing lists, but finding exploit code was often difficult.

How to Work with Metasploit Auxiliary Modules

By Abhinav Singh
The Metasploit framework is based on a modular architecture. This means that all the exploits, payloads, encoders, etc are present in the form of modules. The biggest advantage of a modular architecture is that it is easier to extend the functionality of the framework based on requirement. Any programmer can develop his own module and port it easily into the framework.

How to Explore the IPv6 Attack Surface with Metasploit
By Mike Sheward
IPv6 is often described as a parallel universe, co-existing alongside existing IPv4 infrastructure in a bid to ease the transition process. Often left unmanaged and unmonitored in networks, those IPv6 packets could provide a great opportunity for the savvy attacker. Thanks to the Metasploit framework, exploring the IPv6 attack surface has become a lot easier.

HAKIN9 EXTRA
How to Use The Mac OS X Hackers Toolbox
By Phillip Wylie, CISSP, IAM
When you think of an operating system to run pen testing tools on, you probably think of Linux and more specifically BackTrack Linux. BackTrack Linux is a great option and one of the most common platforms for running pen testing tools. If you are a Mac user, then you would most likely run a virtual machine of BackTrack Linux. While this a great option, sometimes it is nice to have your tools running on the native operating system of you computer.

NETWORK SCANNING
How to Scan with Nessus from within Metasploit
By Michael Boman
When you perform a penetration test with Metasploit you sometimes import vulnerability scanning results for example Nessus Vulnerability Scanner. Usually you start the scan externally from Metasploit framework and then import the results into Metasploit. What you can do is to manage the Nessus scan from within Metasploit and easily import the results into your process. But let’s start from the beginning.

How to Use Multiplayer Metasploit with Armitage
By Michael Boman
Metasploit is a very cool tool to use in your penetration testing: add Armitage for a really good time. Penetration test engagements are more and more often a collaborative effort with teams of talented security practitioners rather than a solo effort.
Armitage is a scriptable red team (that is what the offensive security teams are called) collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.

EXPLORING DATABASE
How to Use Sqlploit
By George Karpouzas
Databases nowadays are everywhere, from the smallest desktop applications to the largest web sites such as Facebook. Critical business information are stored in database servers that are often poorly secured. Someone with access to this information could have control over a company’s or an organization’s infrastructure.

Comments

Tagged with:

Leave a Comment

Please keep in mind that comments are moderated and rel="nofollow" is in use. So, please do not use a spammy keyword or a domain as your name, or it will be deleted. Let us have a personal and meaningful conversation instead.

You must be logged in to post a comment.


IT MAGAZINES: Hakin9 Magazine | Pentest Magazine | eForensics Magazine | Software Developer's Journal | Hadoop Magazine | Java Magazine
IT Blogs: Hakin9 Magazine Blog | Pentest Magazine Blog | eForensics Magazine Blog | Software Developer's Journal Blog | Hadoop Magazine Blog | Java Magazine Blog
IT ONLINE COURSES: Pentest Laboratory
JOB OFFERS FOR IT SPECIALIST: Jobs on Hakin9 Magazine | Jobs on Pentest Magazine | Jobs on eForensics Magazine | Jobs on Software Developer's Journal | Jobs on Java Magazine | Jobs on Hadoop Magazine
Hakin9 Media Sp. z o.o. Sp. komandytowa ul. Postępu 17D, 02-676 Warszawa