Now the Tools – Pt.1 Metasploit

Posted on October 21, 2008. Filed under: Auditing, General, Penetration Testing | Tags: , , , , |

Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. Metasploit is a community project managed by Metasploit LLC.

So you now have the background you can find the tool in several major releases including BackTrack or you can download it at http://www.metasploit.com/framework/download/

Once you have it how do you use it.  Here are listing of links, videos, tutorials and documents to get you up to speed.

You can start with this, a good flash tutorial that shows you step by step how to use it:

Metasploit at Iron Geek – http://www.irongeek.com/i.php?page=videos/metasploit1

This video covers the use of Metasploit, launched from the Auditor Boot CD, to compromise an unpatched Windows XP box by using the RPC DCOM (MS03-026) vulnerability.

There’s a presentation by HD Moore himself at Cansecwest 2006:

csw06-moore.pdf – http://www.cansecwest.com/slides06/csw06-moore.pdf

And a couple of videos spawned from that here:

Computer defense – TASK Presentation – http://www.computerdefense.org/?p=53

The most up to date video for Metasploit 3 can be found here:

Exploring Metasploit 3 and the New and Improved Web Interface – Part 1 – http://www.ethicalhacker.net/content/view/137/24/

Exploring Metasploit 3 and the New and Improved Web Interface – Part 2 – http://www.ethicalhacker.net/content/view/136/24/

The Metasploit site itself also has some fantastic documentation, a good place to start is here:

http://framework.metasploit.com/msf/support

The Metasploit book is a good start too:

Using Metasploit – http://en.wikibooks.org/wiki/Metasploit/UsingMetasploit

The Security Focus article is a good reference too if a little outdated:

Metasploit Framework, Part 1 – http://www.securityfocus.com/infocus/1789
Metasploit Framework, Part 2 – http://www.securityfocus.com/infocus/1790

So get hacking, Metasploit is great!

Possibly related posts: (automatically generated)

Make a Comment

Make a Comment: ( None so far )

blockquote and a tags work here.

    About

    “The soft and the pliable will defeat the hard and strong.” Lao Tzu

    RSS

    Subscribe Via RSS

    • Subscribe with Bloglines
    • Add your feed to Newsburst from CNET News.com
    • Subscribe in Google Reader
    • Add to My Yahoo!
    • Subscribe in NewsGator Online
    • The latest comments to all posts in RSS
    • Subscribe in Rojo

    Meta

Liked it here?
Why not try sites on the blogroll...