Join us for a Free Webinar on March 22
James "egyp7" Lee takes participants in a technical deep-dive through the new features of the free and open source Metasploit Framework version 3.6, focusing on techniques valuable to professional penetration testers in red teams and consulting firms. This will include post exploitation modules (a more powerful replacement for Meterpreter scripts) and using platform-agnostic payloads for increased pwnage. Before the Q&A, he will also cover some of the feature highlights in the commercial Metasploit editions Metasploit Pro and Metasploit Express. Webinar participants should be familiar with the concepts of Metasploit and penetration testing. James "egyp7" Lee has been contributing to the open source Metasploit Framework as a core developer and project manager since April 2008. Before joining Rapid7 to work on Metasploit in a full-time position, he discovered numerous vulnerabilities in SCADA and Industrial Control Systems at Idaho National Laboratory. James has presented at DEF CON, Black Hat USA, Black Hat DC, SANS Process Control & SCADA Security Summit, and other events.
Date: Tuesday, March 22, 2011
Time: 11:00 AM - 12:30 PM CDT
Time: 11:00 AM - 12:30 PM CDT
By Raphael Mudge, Armitage Creator
Metasploit is a popular exploitation framework that has seen plenty of coverage on ethicalhacker.net. This article introduces Armitage, a new GUI for Metasploit built around the hacking process. Today, I will show you how to use Armitage to scan a Linux host, find the right exploit, exploit the host, and handle post-exploitation. By following this process, you will learn how to use Armitage and Metasploit in your own work.
The target we will use is the Metasploitable Linux virtual machine. Metasploitable contains several vulnerabilities making it a safe, and, dare I say ethical, training ground for future penetration testers.
Read the Armitage documentation to get Armitage running. Through the rest of this article, I will assume that you have Metasploitable running, Armitage is ready, and that you have downloaded this Python script that we will use later. Let's get to work.
Read on... Book Review: Ninja Hacking
Review by Ryan Linn, CISSP, MCSE, GPEN
| “Ninja Hacking,” the new book by Thomas Wilhelm and Jason Andress, is not a typical book about hacking and penetration testing. Experienced penetration testers who want to learn cutting-edge penetration techniques will find few references to little-known penetration tools or techniques presented in bland technical format. The book doesn’t rely on pun-filled humor, either. |  |
Free Download Below of Chapter 5: Disguise
Read on... Stay Tuned:
- Course Review: Path to the ISAM
- Interview with Jay Bavisi, President of EC-Council
- The 5 Secrets to Phishing Success by Mike Murray
- Book Review: Social Engineering: The Art of Human Hacking
- More Course & Book Reviews
Giveaway Corner
Free 5-Day Training Course Worth $3995!
February 2011 Free Giveaway Sponsor - FishNet Security Training Services
Not sure what to do next, where or how? Would like instructor-led live training, but can't afford travel? Maybe you can't travel but can afford live boot camps? Or you simply prefer online training? No worries. FishNet Security's Training Services offers the peace of mind in picking a training company that can handle all of your security training needs. They offer courses in a variety of platforms for multiple areas such as 7Safe's CSTA & CSTP, Check Point, Juniper, EC-Council, ISC2, et al. And 1 lucky EH-Net Member gets their choice of course and platform (excluding CISSP) worth almost $4000!
So hit the forums, write some articles, spread the news of EH-Net, and this month's prize can be yours. If you don't win this month, don't fret. Use Coupon Code EHacker2011 for 15% Off FishNet Security Training. So what are you waiting for, an engraved invitation? You've got free training to win!
Not sure what to do next, where or how? Would like instructor-led live training, but can't afford travel? Maybe you can't travel but can afford live boot camps? Or you simply prefer online training? No worries. FishNet Security's Training Services offers the peace of mind in picking a training company that can handle all of your security training needs. They offer courses in a variety of platforms for multiple areas such as 7Safe's CSTA & CSTP, Check Point, Juniper, EC-Council, ISC2, et al. And 1 lucky EH-Net Member gets their choice of course and platform (excluding CISSP) worth almost $4000! So hit the forums, write some articles, spread the news of EH-Net, and this month's prize can be yours. If you don't win this month, don't fret. Use Coupon Code EHacker2011 for 15% Off FishNet Security Training. So what are you waiting for, an engraved invitation? You've got free training to win!
January Winners! January 2011 Free Giveaway Winners - eLearnSecurity
Penetration Testing Training Course - Student, will provide you with all the answers and the skills you need to move your first steps towards a career as a penetration tester. Designed and written by Armando Romeo in cooperation with a junior pentration tester, this course answers all the fears, doubts and hunger for knowledge of anyone at day 0 of their penetration testing career." So we have 2 announcements for all of you:
Penetration Testing Training Course - Student, will provide you with all the answers and the skills you need to move your first steps towards a career as a penetration tester. Designed and written by Armando Romeo in cooperation with a junior pentration tester, this course answers all the fears, doubts and hunger for knowledge of anyone at day 0 of their penetration testing career." So we have 2 announcements for all of you: 1. The 3 winning EH-Net Members are angel.wardriver, data_raid & timmedin.There's no better time like the new year to focus your attention on what you really want out of life. Is it pen testing? Find out if this career path is really for you with more info after the break and at the link above. And at this price, it's worth it! Congrats to the winners.
2. The 5% Discount Continues! This EXCLUSIVE Offer for EH-Netters has been extended indefinitely!! So when you're ready, SIGN UP HERE.
Upcoming Events
BSidesHalifax 2011 March 5
IANS Mid-Atlantic InfoSec Forum 2011 March 8 - 9
12th Annual CanSecWest March 9 - 11
BSidesGSO 2011 March 9
BSidesAustin 2011 March 11 - 12
Black Hat Europe 2011 March 15 - 18
Boston 2011 Secureworld Expo Mar 23 - 24
NETSECURE 2011 Mar 24 - 25
SANS 2011 March 26 - April 4
* Add your event to EH-Net's Global Calendar: events(at)ethicalhacker(.)net
IANS Mid-Atlantic InfoSec Forum 2011 March 8 - 9
12th Annual CanSecWest March 9 - 11
BSidesGSO 2011 March 9
BSidesAustin 2011 March 11 - 12
Black Hat Europe 2011 March 15 - 18
Boston 2011 Secureworld Expo Mar 23 - 24
NETSECURE 2011 Mar 24 - 25
SANS 2011 March 26 - April 4
* Add your event to EH-Net's Global Calendar: events(at)ethicalhacker(.)net
SANS vLive! 617 Wireless Hacking with Josh Wright Starts April 19 - Advertisement
Enter discount code WISPY_EH will receive a FREE Wi-Spy DBx portable spectrum analyzer from Metageek
No comments:
Post a Comment