Things I've learned and want to share
I maintain a modified version of Kali I use as the basis for my testing which includes a variety of extra tools, preference, references, etc. If you want a copy yourself, you can find one here:
https://drive.google.com/drive/folders/1id6hRacVUtcQRtq8zjSkxtTSE3AvxTk3?usp=sharing
Each version is named for a different character played by Henry Winkler, for the record.
I maintain a modified version of Kali I use as the basis for my testing which includes a variety of extra tools, preference, references, etc. If you want a copy yourself, you can find one here:
https://drive.google.com/open?id=1X0IHNuRCWjHoQdvQUaEwWoDLKEB1_5ti
This is quick-hit version of part three of a three part series on Metasploit Fundamentals that I wrote to update my previous work (from 2014) on Metasploit. If you’re looking for a more hands-on/in-depth version of this article you can access training on this topic here: MSF Fundamentals – Part 3 of 3 (Pivoting and Automation) (basic_0x04)
The purpose of this article is to cover pivoting, port-forwarding, and automation to expand the reach of your tools and reduce the amount of time you spend on repetitive work. Part one covered starting up the MSF, finding an exploit, finding a matching payload, and configuring everything up to the point of launching the exploit. Part two covered exploitation and post-exploitation modules to the point where you are comfortable with the various ways of manipulating a system after you’ve opened a session to it. This training assumes you’re using a 2016 variant of Kali Linux and that it’s patched up to at least August 2016. If that’s true, then let’s go!
Continue reading “MSF Fundamentals 2017 (Part 3 of 3) – Pivoting and Automation”
This is quick-hit version of part two of a three part series on Metasploit Fundamentals that I wrote to update my previous work (from 2014) on Metasploit. If you’re looking for a more hands-on/in-depth version of this article you can access training on this topic here: MSF Fundamentals – Part 2 of 3 (Post-Exploitation with Meterpreter) (basic_0x03)
The purpose of this article is to cover exploitation and post-exploitation modules to the point where you are comfortable with the various ways of manipulating a system after you’ve opened a session to it. Part one covered starting up the MSF, finding an exploit, finding a matching payload, and configuring everything up to the point of launching the exploit. Part three covers pivoting, port forwarding, and automation. This training assumes you’re using a 2016 variant of Kali Linux and that it’s patched up to at least August 2016. If that’s true, then let’s go!
Continue reading “MSF Fundamentals 2017 (Part 2 of 3) – Exploitation and Post-Exploitation”
This is quick-hit version of part one of a three part series on Metasploit Fundamentals that I wrote to update my previous work (from 2014) on Metasploit. If you’re looking for a more hands-on/in-depth version of this article you can access training on this topic here: MSF Fundamentals – Part 1 of 3 (Startup Exploit Payload) (basic_0x02)
The purpose of this article is to get you familiar with starting up the Metasploit Framework (MSF), finding an exploit, finding a matching payload, and configuring everything up until it’s time to launch an exploit. Part two will cover exploitation and post-exploitation modules, while part three will cover pivoting, lateral movement, and automation. This training assumes you’re using a 2016 variant of Kali Linux and that it’s patched up to at least August 2016. If that’s true, then let’s go!
Continue reading “MSF Fundamentals 2017 (Part 1 of 3) – Console to Payload”
Hermit's Cave 