Welcome back, my aspiring cyber warriors! Much of what we have done here in this Metasploit Basics series enables us to exploit and control a remote system anywhere on the planet earth (or at least any machine connected to the Internet on planet earth). In some cases, we may want to control a system that […]
Continue Reading
Metasploit is such a powerful tool that I can only scratch the surface of its capabilities here. As it has developed over the years, it is now possible to use Metasploit for nearly everything from recon to post exploitation to covering your tracks. Given its versatility, every aspiring hacker should have at least a tentative […]
Continue Reading
Welcome back, my Metasploit aficianodos! In the previous part of this series, we looked at how to use Metasploit’s web delivery exploit to create a script to connect to a UNIX, Linux, or OS X machine using Python. Many members of the Hackers-Arise community have asked me, “Can we do the same for a Windows […]
Continue Reading
Automobile or car hacking is the leading edge of the hacking/penetration testing field. With the arrival of self-driving cars in the very near future, this field will only become even more important. For some background on this field, read my articles on the CAN protocol and the SocketCAN to better understand the technologies involved. As part of this rapid […]
Continue Reading
On September 12, 2017, FireEye revealed that they had found malware in the wild that exploited CVE-2017-8759. This malware exploits a vulnerability in the .NET Framework that enables the attacker to execute remote code on the target system (RCE). This is a big deal as remote code execution means that the attacker can run their […]
Continue Reading
Welcome back, my fledgling hackers! As we have progressed through this series on Metasploit Basics, we have used numerous techniques to exploit your target system including; 1. SMB Exploits (EternalBlue and MS08_067, for instance); 2. File Format (ms14-0440_sandworm, office_word_hta); 3. Browser Exploits (autopwn, Abobe Flash and numerous others); 4. Social Engineering Toolkit(SET); Custom Payloads with […]
Continue Reading
So many people have asked us for the Metasploit Kung-Fu course videos, we are now putting them on sale! If you just want to become proficient in the world’s most widely used pentesting framework or want to earn the prestigious Metasploit Certified Expert (MCE) certification (these videos covers all the areas on the exam), this […]
Continue Reading
Welcome back my rookie hackers! Every so often, I run across a new hacking tool that really gets me excited. Autosploit is one of those! Autosploit combines the power of two of my favorite tools, Shodan and Metasploit! AutoSploit uses Shodan to find specific targets based upon their banners and then Metasploit to automate the […]
Continue Reading
Welcome back my novice hackers! Recently, I have received numerous questions regarding how to update the msfconsole built into Kali. Until recently that was an easy question to answer. You simply enter “msfupdate” at the command line. Now, Rapid7–the developers of Metasploit– have changed how we update Metasploit when it is built into an operating […]
Continue Reading
In this series, I have been trying to familiarize you with the many features of the world’s best framework for exploitation, hacking, and pentesting, Metasploit. There are so many features, and techniques for using those features, that few pentesters/hackers are aware of all of them. Many times, when doing a pentest/hack, we need to run […]
Continue Reading