Moving Past Metasploit: Writing your first exploit

VIDEO BY Calvin Hedler So you want to be more than a script kiddy? Metasploit is useful, but it’s important to understand the _why_ and _how_ of exploiting software. A simple buffer overflow exploit provides a great opportunity to explore the process of writing exploits. With just a touch of coding, you can break things…Read more Moving Past Metasploit: Writing your first exploit

Denial Of Service attacks with Metasploit

A denial-of-service attack (DoS) is an attempt to make a machine or network resource unavailable to its intended users. Apache HTTP Server Apache httpd has been the most popular web server on the Internet since April 1996. It consists of thousand of lines of code and a vast variety of modules and extensions. Therefore, vulnerabilities…Read more Denial Of Service attacks with Metasploit

Password sniffing with Metasploit

A packet sniffer is a computer program that intercepts and logs traffic passing over a network. The sniffer captures each packet, decodes the packet’s raw data, showing the values of various fields in the packet, and analyzes its content. If network communications are not encrypted (ssl) then it is possible to intercept communications and capture…Read more Password sniffing with Metasploit

Vulnerability scanning and Metasploit

A vulnerability scanner is an automated computer program designed to assess computers, computer systems, networks or applications and look for weaknesses. The program probes a system by sending data to it and analyzing the responses received. To identify any vulnerabilities on the target system, a vulnerability scanner uses its vulnerability database as reference. Don’t forget…Read more Vulnerability scanning and Metasploit

Exploitation and Metasploit

If a vulnerable host has been discovered and identified it is time for the real deal. The Metasploit Framework contains hundreds of exploits. Running show exploits from msfconsole will display every exploit available in the Framework. Other valid parameters for the “show” command are all, encoders, nops, exploits, payloads, auxiliary, plugins and options. Exploiting your…Read more Exploitation and Metasploit