You can't secure what you don't acknowledge.SM

Monday, January 26, 2009

Looking for some software to exploit?

If you're learning the ins and outs of Metasploit (one of the most underrated and underused tools in our field) but don't have the software to exploit in a test environment, check out www.securinfos.info/old-softwares-vulnerable.php. Also don't forget about any old copies of Windows, etc. CDs you have lying around....Just load them up on a test machine, VMWare image, or similar and off you go. I can't imagine a more cost-effective and hands-on way to get some seat time in this area.

Also, to get you up to speed quickly I've written a few articles about Metasploit for your perusal:
Metasploit 3.1 updates improve Windows penetration testing
Metasploit 3.0 security testing tool - free easy and improved
Using Metasploit for real-world security tests
Metasploit: A penetration testing tool you shouldn't be without

No comments:

Post a Comment