Metasploit mailing list archives
Metasploit Penetration Testing Examples
From: gmljag at gmail.com (jag)
Date: Sun, 24 Jun 2007 16:39:39 +0200
On 6/24/07, Patrick Webster <patrick at aushack.com> wrote:
Once you've gathered enough information, you can then start targeted attacks (this is where metasploit comes in handy) etc to reach your goal... You'd then typically write a pretty report with an executive summary and technical findings/recommendations for management. As you can see, pen-testing is too broad a subject to be handled completely by MSF. Take a look at the Hacking Exposed book Table of Contents (I couldn't find anything else) for some ideas:
I'm not security expert, sorry for this... But with metasploit i'm able to execute all steps for one little pentest, using the tools from metasploit: i'm able to do "network discovery" with db_nmap (says information gathering ok it's too large) select and use exploits with payload for Attack and Penetration Phase with db_autopwn is Metasploit able to execute and manage a proxy chain? i think yes and, with Metasploit, am i able to execute any local exploit for privilege escalation? i have used framework called Core Impact in the past, ok, in that framework all is automatic but i don't think Metasploit can't able to execute a similar pen test with similar results... I'm right now using the same "voice" from CI to execute the penetration Testing and explain it, but i need documentation about, sharing and using information gathered in database from db_nmap to other modules and exploits and some informations to generate a report about the semiautomatic penetration Testing, if no module is available now, is there a template to create a beauty report for my penetration testing? thank you for your answer! and, other help is welcome! p.s. sorry for my english :( jag
Current thread:
- Metasploit Penetration Testing Examples jag (Jun 24)
- Metasploit Penetration Testing Examples Patrick Webster (Jun 24)
- Metasploit Penetration Testing Examples jag (Jun 24)
- Metasploit Penetration Testing Examples Felipe Chang - Digiware (Jun 24)
- Metasploit Penetration Testing Examples jag (Jun 24)
- Metasploit Penetration Testing Examples Jerome Athias (Jun 24)
- Metasploit Penetration Testing Examples jag (Jun 25)
- Metasploit Penetration Testing Examples Jerome Athias (Jun 25)
- Metasploit Penetration Testing Examples jag (Jun 24)
- Metasploit Penetration Testing Examples Patrick Webster (Jun 24)