Metasploit mailing list archives
Pen-Testing and Metasploit Question
From: ron at oneinsane.net (Ronald L. Rosson Jr.)
Date: Tue, 21 Apr 2009 07:32:35 -0500
On Apr 21, 2009, at 3:06 AM, max wrote:
No, pentesting is not about tools. It's bout the same when you would say painting is about Brushes. Maybe one can get away with core/msf etc etc but hey.. this is the boring part of the job. Nothing is better then being hired for reviewing something new, which is not in the toolset. All the great tools are coming out of a need by people doing their work/fun. Pentesting is more about apply your knowhow in creative ways, which is a definition of art&passion.
AMEN!! ;) The methodology on how you go about breaking down your target is were the rush comes into play and the hard work pays off. Tools like MSF and Core Impact are just tools. In the hands of the right people they do beautiful things.
chuks Jonia wrote:The most important thing is practice, to understand how you can pentest different platforms and networks. And also bypassing of IDSs and IPS system. Maybe you have a good background in networking, administration and development which adds an advantage, but this field may need alot of work and patience to make it. On Mon, Apr 20, 2009 at 2:11 AM, Professor 0110 <professor0110 at gmail.comwrote: Hi everyone, I'm hoping to officially break into the Penetration Testing/Ethical Hacking/Information Security sector within the next couple of years. I was wondering if just having the Metasploit Framework for exploitation would be enough in a Pen Testing situation - along with Port Scanners, Vulnerability Scanners, and Back-Track of course. :) The reason I ask is that Metasploit doesn't cover every single remote exploit, and to compile an exploit off places such as Milw0rm can be time consuming and inefficient in a Pen testing situation. Especially if the source code is broken and needs tweaking/rewriting to compile properly. Thanks. :) Professor 0110 _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Pen-Testing and Metasploit Question Professor 0110 (Apr 19)
- Pen-Testing and Metasploit Question chuks Jonia (Apr 19)
- Pen-Testing and Metasploit Question max (Apr 21)
- Pen-Testing and Metasploit Question Ronald L. Rosson Jr. (Apr 21)
- Pen-Testing and Metasploit Question max (Apr 21)
- Pen-Testing and Metasploit Question rogue (Apr 20)
- Pen-Testing and Metasploit Question chuks Jonia (Apr 20)
- Message not available
- Pen-Testing and Metasploit Question Professor 0110 (Apr 21)
- Pen-Testing and Metasploit Question MaXe (Apr 22)
- Pen-Testing and Metasploit Question Professor 0110 (Apr 21)
- Pen-Testing and Metasploit Question chuks Jonia (Apr 19)
- Pen-Testing and Metasploit Question Simon Taplin (Apr 22)
- Pen-Testing and Metasploit Question pandini pandini (Apr 23)
- Pen-Testing and Metasploit Question Kevin Beaver (Apr 23)
- Pen-Testing and Metasploit Question Ben Nell (Apr 23)
- Pen-Testing and Metasploit Question pandini pandini (Apr 29)
- Pen-Testing and Metasploit Question Matt Gardenghi (Apr 30)
- Pen-Testing and Metasploit Question pandini pandini (Apr 23)