Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Metaploit OFFENSIVE HACKING This is ALEX This is ETHAN Forgive us if we give a bad presentation :’( we’re both NOOBS unlike Beardo~
  2. 2. What is Metasploit for?  Validate security risks as part of your vulnerability management program.  Safely simulate attacks on your network to uncover security issues.  Verify your defenses, security controls and mitigation efforts.  Measure the effectiveness of your security awareness program.  Audit password security beyond Windows and Linux logins.
  3. 3. Validate Security Risks There's no way you can address every threat that comes your way, so spend your time wisely by validating which security risks pose a real threat.  Use Metasploit, our penetration testing software to:  Use time efficiently in addressing high-risk threats that need your attention and downgrading low-risk threats.  Gain credibility with stakeholder teams by delivering remediation reports that are concise and relevant.
  4. 4. Productivity Boost  Get a little help and be done in half the time.  Let our penetration testing software, Metasploit, manage your data and automate mundane or repetitive tasks, making your work more enjoyable and efficient. Use wizards to simplify and speed up common jobs; launch MetaModules to use advanced offensive security techniques or for security controls testing.
  5. 5. Attackers Use Automation. So Why aren't You?  Stay in control with standard workflows and let our penetration testing software, Metasploit, manage all network and evidence data for you. Use packaged offensive security techniques, schedule custom workflows, and write your own integrations with the Metasploit Pro API.
  6. 6. Web and Command-line Interfaces  Everyone has a preference, and you've got yours. Our penetration testing software allows you to choose your favorite user interface - web-based or command-line - or mix it up!  New to Metasploit? Use the web-based interface to reduce the need for training, and get the job done faster.  Metasploit veteran? Use the advanced CLI functionality of Metasploit Pro to get access to new, high-level commands, better manage your data and generate a single report for all activities.
  7. 7. Network Discovery the penetration testing software allows you to:  Scan for available hosts, identifying open ports, services, applications, operating systems and versions.  Launch a Nexpose vulnerability scan or access existing results.  Import reports from over a dozen third- party network discovery and vulnerability management solutions.
  8. 8. Password Auditing  Uncover weak passwords on your network to protect against brute forcing attacks that go way beyond Windows and Linux credentials. Test over a dozen network services, including SSH, VNC and telnet. Make intelligent guesses based on frequently used passwords, custom dictionaries, vendor default passwords and data collected from the environment. Download our penetration testing software to get started.
  9. 9. Social Engineering  By using a penetration testing software, you can see how intruders could get into your network through phishing emails, malicious websites and USB flash drives.  For ongoing security programs, measure the security awareness of your users by sending phishing emails.
  10. 10. Web App Testing  Audit on-premise and cloud-based web apps to identify OWASP Top 10 2013 vulnerabilities. Exploit web app vulnerabilities to demonstrate risk to applications owners or as part of a penetration test. Download our penetration testing software to start testing your web apps today.
  11. 11. Teamwork and Reporting  Share results and work more effectively in teams to leverage individual expertise. Mentor junior team members by delegating simpler tasks to them as part of a larger engagement. Tag assets to assign hosts to team members.  And when you're done, generate reports that reflect the entire team's work. Choose report templates depending on the stakeholder and compliance regulation.