The Metasploit Framework is a penetration testing toolkit, exploit
development platform, and research tool. The framework includes hundreds of
working remote exploits for a variety of platforms. Payloads, encoders, and
nop slide generators can be mixed and matched with exploit modules to solve
almost any exploit-related task. This tutorial will walk you through how to
use the latest version of Nessus pre-built plugin filter 'Metasploit
Framework' in your pentest assignments. It will also cover some useful
Metasploit tips to achieve privilege escalation. Wouldn't it be great to have
a shell on another box just in case you lose your Meterpreter shell? This
tutorial covers this and other Metasploit tips.
Integrating Nessus 5 with Metasploit
With the release of Nessus 5 by Tenable Network Security, users now have
better filtering in policy creation, analysis,... (more)
In a previous article, I described how to obtain a memory image from a
Windows computer that would allow forensic analysis. I briefly discussed
using F-Response TACTICAL to get the memory image, and then Volatility
and Mandiant Redline for further investigation. In this paper, I dive
more deeply into Redline and Volatility.
To begin, I review a raw memory dump of a known malware variant (see the
"Malware Image" box) with Mandiant Redline. After firing up Redline, I chose
By Analyzing a Saved Memory File under Analyze Data and browsed to the
location of the memory... (more)
Intrusion detection tools that use the libpcap C/C++ library for network
traffic capture (such as Snort and Tcpdump) can output packet capture
information to a file for later reference. The format of this capture file is
known as pcap. By capturing packet data to a file, an investigator can return
later to study the history of an intrusion attempt – or to turn up other
important clues about clandestine activity on the network.
Of course, the traffic history data stored in a pcap file is much too vast to
study by just viewing the file manually. Security experts use spe... (more)
Nessus is a vulnerability scanner program; it is free for personal use through
Nessus for Home. There is also a Nessus for Business, which requires a
fee. I will be discussing Nessus for Home and using it with the
popular Metasploit Framework. Acquire the latest release of the Nessus HomeFeed,
Nessus-4.4.1-ubuntu1010_i386.deb, and register for the activation code. Follow
the instructions listed in the documentation for installing on Ubuntu and
start to configure. The Nessus daemon can't be started until Nessus has been
registered and the plugin download has occurred.
$ sudo /opt... (more)
The purpose of this article is to describe some tools and techniques in
performing the planning, scoping, and recon portion of a penetration test. In
covering these tools and techniques the reader will learn how to use them to
find vulnerabilities in their organization and help improve security posture.
Some other names for this first phase of penetration testing are: OSINT (Open
Source Intelligence), Footprinting, Discovery, and Cyberstalking.
During reconnaissance we'll gather information from public sources to learn
about the target and try to find what is importan... (more)