March 8, 2011 at 2:36 am #6176Don DonzalKeymaster
EH-Net is proud to be the first with videos of the new Metasploit Pro that was just released today. Thanks to Rapid7 for the advance copy and to Ryan for being prepared to release it the same day as the release.
Permanent link: [Article]-Video: Pen Test Walkthrough with Metasploit Pro
Metasploit Pro 3.6was released today with a slew of new features aimed at facilitating pen testers throughout the entire penetration testing process. One such new feature is asset tagging of groups of hosts, so that they can be grouped together easily. Utilizing another new feature, global search, makes managing large engagements a breeze. In addition to a free webinar on March 22 with James “egyp7” Lee on the Metasploit Framework, EH-Net regular columnist, Ryan Linn, explores Metasploit Pro. He not only shows off some of those new features but also walks the viewer through the basic steps of performing a pen test with Metasploit Pro with the following 3 videos:
– Getting Started With Metasploit Pro
– Post Exploitation
– Reporting and Cleaning Up
As we all know, a pen test is not over when the hacking is done. Rapid7 realizes this as well, so the new reporting capabilities are a very welcome addition. It is now easy to generate PCI compliance notes based on the findings throughout the penetration test. These reports indicate exactly where the failures are and actually provides evidence to support those findings. For those that need more detailed reports on all of the activity performed throughout a penetration test, the activity report shows all commands issued and all gathered evidence. These two reports alone can save a lot of time for testers who need to present this type of information to their clients.
For those that haven’t learned to ‘stop worrying and love the GUI,’ Metasploit Pro now has a console mode where you can interact with Metasploit Pro just like the Community Edition. For those that have embraced the GUI, the addition of tags allows for easy grouping of assets, and the tags can be used in many of the fields as shortcuts for specifying specific IP addresses. This really speeds up every step in the process.
So let’s get a feel for Metasploit Pro as a whole as well as the new features of v3.6.
Enjoy, let us know what you think and please suggest other videos for Ryan to tackle,
March 9, 2011 at 12:05 am #38617WCNAParticipant
Nice videos. I love the way Metasploit Pro & Nexpose make it easy to work up detailed security reports. It should make a pentester’s job easier.
March 22, 2011 at 6:18 pm #38618maxpeckParticipant
Nice webinar. Very good presentation. Great hair!
March 22, 2011 at 7:09 pm #38619alucianParticipant
Thank you very much for the webinar!
I really enjoyed it and I learned some things from it.
March 24, 2011 at 8:51 am #38620jstallParticipant
Excellent Webinar, thanks. Look forward to the next.
March 27, 2011 at 9:15 pm #38621qnixParticipant
Amazing tool. Make a pen-tester lazy, but useful for big targets and fast and efficient reporting.
March 28, 2011 at 12:42 pm #38622hayabusaParticipant
Looking forward to making some time and catching the recording. Sounds like it was a pretty good session, so I’ll catch it when workload permits.
- You must be logged in to reply to this topic.