The entire hour and a half video of the webcast
and complete slide deck are now available.
On March 22 last month, EH-Net presented a webcast with James “egyp7” Lee who took the participants on a technical deep-dive through the new features of the free and open source Metasploit Framework version 3.6, focusing on techniques valuable to professional penetration testers in red teams and consulting firms. This included post exploitation modules (a more powerful replacement for Meterpreter scripts) and using platform-agnostic payloads for increased pwnage. Before the lengthy Q&A, he also covered some of the feature highlights in the commercial editions, Metasploit Pro and Metasploit Express. Webcast participants and now viewers of this video should be familiar with the concepts of Metasploit and penetration testing.
James “egyp7” Lee has been contributing to the open source Metasploit Framework as a core developer and project manager since April 2008. Before joining Rapid7 to work on Metasploit in a full-time position, he discovered numerous vulnerabilities in SCADA and Industrial Control Systems at Idaho National Laboratory. James has presented at DEF CON, Black Hat USA, Black Hat DC, SANS Process Control & SCADA Security Summit, and other events.
Thanks to Rapid7 for sponsoring this webcast allowing all of us to pick egyp7’s brain at no charge. Don’t forget to try Metasploit Pro for FREE!!
Metasploit Pro is enterprise-grade software for security professionals who specialize in penetration testing and require an advanced solution for multi-level attacks that enables them to get deeper into networks more efficiently. Rapid7 offers a free, fully featured trial version of Metasploit Pro for you to download.
28 Slides – 586 KB
With more than one million unique downloads in the past year, the free and open source Metasploit Framework is the world’s most popular exploit development and penetration testing platform.
As the Metasploit Project sponsor, and in cooperation with the open source community, Rapid7 is continuously expanding the exploit library and creating a broader platform with publicly available exploits, helping organizations to stay ahead of the changing threat landscape.
The Metasploit Framework enables:
- Network security professionals to perform penetration tests
- System administrators to verify patch installations
- Software developers to perform regression testing
The Metasploit Framework enables you to:
- Distinguish real threats from false positives to speed and simplify remediation
- Prioritize penetration tests based on automated vulnerability scans
- Pinpoint exploitable vulnerabilities in networks, operating systems, Web applications and databases
- Add standard and custom exploits for pen-testing real-time