Oct 17, 2012 · 7:30 PM
For session 1 of our metasploit we'll demonstrate how to use a collection of common tools such as whois, nslookup, netcat, nmap, and nessus to foot print a network and build a database of vulnerability information within the metasploit frame work. Then we'll show how to query that information so that auxiliary modules and exploits within the framework are pre-populated.
* Laptop with backtrack 5 R3 installed and configured with the latest updates
* Be sure to execute msfupdate ahead of time so you have the latest revision of the metasploit framework.
* Prior to starting this workshop it will be helpful if you watch part one of the metasploit mega-primer: http://www.securitytube.net/video/1175 so you have a basic grasp of how to get around in the framework.
A note on Ethics:
One of our goals in facilitating this series of workshops is to grow interest in offensive security in our local community. To fully understand these concepts you as a participant will be bypassing security measures within our test environment. When you leave our workshops we anticipate that you will continue to work and learn in this area and to that end we hope you keep the following in mind:
* Don't be malicious
* Don't be stupid
* Don't attack targets without written permission.
* Consider the consequences of your actions
* If you do things illegally, you can be caught and put in jail!
Our goal is to spread knowledge not help you get into trouble.