Daily Archives: June 28, 2015

Metasploit: Simple TFTP Fuzzer

Advanced Ethical Hacking Institute in Pune
Writing your own TFTP Fuzzer Tool
One of the most powerful aspects of Metasploit is how easy it is to make changes and create new functionality by reusing existing code. For instance, as this very simple Fuzzer code demonstrates, you can make a few minor modifications to an existing Metasploit module to […]

By |June 28th, 2015|Metasploit|

Metasploit: Writing a Simple Fuzzer

Advanced Ethical Hacking Institute in Pune
What is a Fuzzer?
A Fuzzer is a tool used by security professionals to provide invalid and unexpected data to the inputs of a program. A typical Fuzzer tests an application for buffer overflow, invalid format strings, directory traversal attacks, command execution vulnerabilities, SQL Injection, XSS and more.

Because the Metasploit Framework provides […]

By |June 28th, 2015|Metasploit|

Metasploit: Nessus via MSFconsole

Advanced Ethical Hacking Institute in Pune
Nessus vulnerability scanning directly in Metasploit
For those situations where we choose to remain at the command line, there is also the option to connect to a Nessusversion 4.4.x server directly from within msfconsole. The Nessus Bridge, written by Zate  uses xmlrpc to connect to a server instance of Nessus, allowing us to perform […]

By |June 28th, 2015|Metasploit|

Metasploit: Working with Nessus

Advanced Ethical Hacking Institute in Pune
What is Nessus?
Nessus is a well known and popular vulnerability scanner that is free for personal, non-commercial use that was first released in 1998 by Renaurd Deraison and currently published by Tenable Network Security. There is also a spin off project of Nessus 2, named OpenVAS, that is published under the […]

By |June 28th, 2015|Metasploit|

Metasploit: NeXpose via MSFconsole

Advanced Ethical Hacking Institute in Pune
NeXpose vulnerability scanning in Metasploit
The Metasploit/NeXpose integration is not limited to simply importing scan results files. You can run NeXpose scans directly from msfconsole by first making use of the ‘nexpose‘ plugin.

 
msf > load nexpose
[…]

By |June 28th, 2015|Metasploit|

Metasploit: Working with NeXpose

Advanced Ethical Hacking Institute in Pune
Using NeXpose results within the Metasploit Framework
With the acquisition of Metasploit by Rapid7 back in 2009, there is now excellent compatibility between Metasploit and theNeXpose Vulnerability Scanner. Rapid7 has a community edition of their scanner that is available athttp://www.rapid7.com/vulnerability-scanner.jsp.

After we have installed and updated NeXpose, we run a full credentialed scan […]

By |June 28th, 2015|Metasploit|

Metasploit: WMAP Web Scanner

Advanced Ethical Hacking Institute in Pune
What is WMAP?
WMAP is a feature-rich web application vulnerability scanner that was originally created from a tool named SQLMap. This tool is integrated with Metasploit and allows us to conduct web application scanning from within the Metasploit Framework.
Vulnerability Scanning with WMAP
We begin by first creating a new database to store our […]

By |June 28th, 2015|Metasploit|

Metasploit: Vulnerability Scanning with Metasploit

Advanced Ethical Hacking Institute in Pune
Discovery through Vulnerability Scanning
Vulnerability scanning will allow you to quickly scan a target IP range looking for known vulnerabilities, giving a penetration tester a quick idea of what attacks might be worth conducting.

When used properly, this is a great asset to a pen tester, yet it is not without it’s draw […]

By |June 28th, 2015|Metasploit|

Metasploit: Writing Your Own Security Scanner

Advanced Ethical Hacking Institute in Pune
Using your own Metasploit Auxiliary Module
There are times where you may need a specific network security scanner, or having scan activity conducted withinMetasploit would be easier for scripting purposes than using an external program. Metasploit has a lot of features that can come in handy for this purpose, like access to all […]

By |June 28th, 2015|Metasploit|

Metasploit: SNMP Sweeping

Advanced Ethical Hacking Institute in Pune
SNMP Auxiliary Module for Metasploit
Continuing with our information gathering, lets take a look at SNMP Sweeping. SNMP sweeps are often a good indicator in finding a ton of information about a specific system or actually compromising the remote device. If you can find a Cisco device running a private string for example, […]

By |June 28th, 2015|Metasploit|