Rama krishna, profile picture
Uploaded byRama krishna
625 views

Itis pentest slides hyd

This document outlines a presentation on penetration testing. It discusses what penetration testing is, the need for it, and common methods and techniques used. The methodology typically involves 7 stages: scope definition, information gathering, vulnerability detection, analysis and planning, attack and privilege escalation, results analysis and reporting, and cleanup. Various tools used for penetration testing are also listed, including Nmap, Metasploit, ExploitTree, and Whopix. The document concludes with questions from the audience.

Embed presentation

Penetration Testing Akhil, CEH,CCSP ITIS Solutions Pvt Ltd, India
Before We Start  My Introduction.  Audience Type.  Expectations from this presentation.  Disclaimer.  Not a professional Tester  Based on my learning, Understanding.
Agenda  Background.  What is Penetration Testing.  Need for Penetration Testing.  Methods and Techniques of Pen Test.  Demo.  Tiger tools.  MetaSploit.  ExploitTree  Whopix.  ERD Commander(local Password Craking).  Questions.  Resources.
Background What is Penetration Testing  A form of stress testing, which exposes weaknesses or flaws in a computer system.  Art of finding an open door.  A valued assurance assessment tool.  PT can be used to find Flaws in  Policies  Specifications  Architecture,  Implementation,  Software,  Hardware,  And many more………………
Background Need for Penetration Testing  To find poorly configured machines.  Verify that security mechanisms are working.  Help organizations to tighten the Security system. FACT!!!! 99.9% secure = 100%vulnerable!
Methods and Techniques of Pen Test.  Black Box  zero-knowledge testing  Tester need to acquire the knowledge and penetrate.  Acquire knowledge using tools or Social Engineering techniques  Publicly available information may be given to the penetration tester, Benefits: Black box testing is intended to closely replicate the attack made by an outsider without any information of the system. This kind of testing will give an insight of the robustness of the security when under attack by script kiddies
Methods and Techniques of Pen Test. White Box  complete-knowledge testing  Testers are given full information about the target system they are supposed to attack .  Information includes ,  Technology overviews,  Data flow diagrams  Code snippets  More….. Benefits:  reveals more vulnerabilities and may be faster.  compared to replicate an attack from a criminal hacker that knows the company infrastructure very well. This hacker may be an employee of the company itself, doing an internal attack
Methods and Techniques of Pen Test. Gray-box or crystal-box test The tester simulates an inside employee. The tester is given an account on the internal network and standard access to the network. This test assesses internal threats from employees within the company.
Methodology of Penetration Testing. There are NO formal methods of Penetration testing!!!!!!!!  Typically has Seven Stages  Scope/Goal Definition  Information Gathering  Vulnerability Detection  Information Analysis and Planning.  Attack& Penetration/Privilege Escalation.  Result Analysis & Reporting.  Cleanup. REPEAT
Methodology of Penetration Testing. STAGE 1: Scope/Goal Definition  Which attacker profile the tester will use  Hacker with no knowledge about the target.  Hacker with knowledge about the target.  Internal user with access.  Which systems or networks the test will be conducted.  How long will the test last.
Methodology of Penetration Testing. STAGE 2: Information Gathering.  Information about the Targets.  Publicly available information( WWW.Arin.net, nslookup)  Technical Information provided by organisation.
Methodology of Penetration Testing. STAGE 3: Vulnerability Detection.  Manual Detection  manually probe the target host for common misconfigurations or flaws because a vulnerability scanner can fail to identify certain vulnerabilities.  Ex: database configurations etc….  Using Software.  Use of commercial or Freeware Scanners to enumerate known flaws or vulnerabilities , Ex: Retina ,Hfnectcheck, GFI Languard, Nikito, nmap so on. PLENTY TOOLS available in Market/Internet.
Methodology of Penetration Testing. STAGE 4: Information Analysis and Planning.  Collating the information gathered in previous stages.  Preparation of High level attack planning  Overall Approach  Target identification.
Methodology of Penetration Testing. STAGE 5: Attack & Penetration/Privilege Escalation. Has Two Sub Stages  I. Attack & Penetration  Known/available exploit selection  Tester acquires publicly available s/w for exploiting.  Exploit customization  Customize exploit s/w program to work as desired.  Exploit development  Develop own exploit if no exploit program available.  Exploit testing  Exploit must be tested before formal Test to avoid damage.  Attack.  Use of exploit to again unauthorized access to target
Methodology of Penetration Testing. STAGE 5: Attack & Penetration/Privilege Escalation.  II. Privilege Escalation  What can be done with acquired access/privileges.  Alter.  Damage.  What not …… Repeat the Stages (2 to 5)
Methodology of Penetration Testing. STAGE 6:Result Analysis & Reporting Organize Data/related results for Management Reporting.  Consolidation of Information gathered.  Analysis and Extraction of General conclusions.  Recommendations.
Methodology of Penetration Testing. STAGE 7:Cleanup Cleaning of all that has been done during the testing  Any System alterations  Exploits
Resources.  Guidelines  OSSTMM :The Open Source Security Testing Methodology Manual.  OWASP :Open Web Application Security Project.  Tools  NMAP,Nikito,John,CAIN&able and many more………….  Whopix  Tigertools (Commercial Tool)  Metasploit.  ExploitTree.  Core Impact (Commercial Tool)
Metasploit Framework
ExploitTree Framework
MilWorm
Demos  DCOM vulnerability using ExploitTree.  Password Cracker –Tiger Tools.  WHOPIX.  Security Auditor.  Pasword Craking (Raptor Chown-Recorded Demo).  ExploitTree.  MetaSploit.
Questions Questions?.

More Related Content

PPTX
Vulnerability assessment and penetration testing
byAbu Sadat Mohammed Yasin
 
PPTX
Penetration testing overview
bySupriya G
 
PDF
Penetration testing services
byAlisha Henderson
 
PPTX
Penetration testing
byNameen Singh
 
PDF
Penetration Testing Services
byCyber 51 LLC
 
KEY
Vulnerability Ass... Penetrate What?
byJorge Orchilles
 
PPTX
Pen Testing Explained
byRand W. Hirt
 
PPTX
Penetration testing reporting and methodology
byRashad Aliyev
 
Vulnerability assessment and penetration testing
byAbu Sadat Mohammed Yasin
 
Penetration testing overview
bySupriya G
 
Penetration testing services
byAlisha Henderson
 
Penetration testing
byNameen Singh
 
Penetration Testing Services
byCyber 51 LLC
 
Vulnerability Ass... Penetrate What?
byJorge Orchilles
 
Pen Testing Explained
byRand W. Hirt
 
Penetration testing reporting and methodology
byRashad Aliyev
 

What's hot

PDF
Introduction to penetration testing
byAmine SAIGHI
 
PPTX
Web application Testing
byOWASP Foundation
 
PPTX
Penetration testing in wireless network
byHadi Fadlallah
 
PDF
Fighting advanced malware using machine learning (English)
byFFRI, Inc.
 
PDF
Btpsec Sample Penetration Test Report
bybtpsec
 
PPT
The Security Vulnerability Assessment Process & Best Practices
byKellep Charles
 
PPTX
A Brief Introduction to Penetration Testing
byEC-Council
 
PDF
Vulnerability Assessment and Penetration Testing Report
byRishabh Upadhyay
 
PPTX
Engineering Security Vulnerability Prevention, Detection, and Response
byJinnah University for Women
 
PPT
Networking and penetration testing
byMohit Belwal
 
PDF
shaabani-Final-NC
byMahdi Shabani
 
PPTX
Vulnerability and Exploit Trends: Combining behavioral analysis and OS defens...
byEndgameInc
 
PPTX
Penentration testing
bytahreemsaleem
 
PPTX
MSRC - Funcionamiento
byChema Alonso
 
PDF
Vulnerability
byMohit Dholakiya
 
PPTX
Software security testing
bynehabsairam
 
PPT
Scanning web vulnerabilities
byMohit Dholakiya
 
PDF
Malware Detection - A Machine Learning Perspective
byChong-Kuan Chen
 
PPTX
Machine Learning for Malware Classification and Clustering
byAshwini Almad
 
PDF
Approach AI assurance
byAviral Srivastava
 
Introduction to penetration testing
byAmine SAIGHI
 
Web application Testing
byOWASP Foundation
 
Penetration testing in wireless network
byHadi Fadlallah
 
Fighting advanced malware using machine learning (English)
byFFRI, Inc.
 
Btpsec Sample Penetration Test Report
bybtpsec
 
The Security Vulnerability Assessment Process & Best Practices
byKellep Charles
 
A Brief Introduction to Penetration Testing
byEC-Council
 
Vulnerability Assessment and Penetration Testing Report
byRishabh Upadhyay
 
Engineering Security Vulnerability Prevention, Detection, and Response
byJinnah University for Women
 
Networking and penetration testing
byMohit Belwal
 
shaabani-Final-NC
byMahdi Shabani
 
Vulnerability and Exploit Trends: Combining behavioral analysis and OS defens...
byEndgameInc
 
Penentration testing
bytahreemsaleem
 
MSRC - Funcionamiento
byChema Alonso
 
Vulnerability
byMohit Dholakiya
 
Software security testing
bynehabsairam
 
Scanning web vulnerabilities
byMohit Dholakiya
 
Malware Detection - A Machine Learning Perspective
byChong-Kuan Chen
 
Machine Learning for Malware Classification and Clustering
byAshwini Almad
 
Approach AI assurance
byAviral Srivastava
 

Viewers also liked

PPTX
Tablet pc by jangid
byJANGID_ML
 
PPT
Assignment 1
byĐàm Tư
 
PPT
Munduko lantegiak ausoko tailerrak slideshare
bylauroteknologia
 
PDF
Nola marraztu seinale bat geometria
bylauroteknologia
 
PPTX
Computer basics
byJANGID_ML
 
PDF
Scs5export
bysarahhillwheeler
 
PPTX
Computer virus
byJANGID_ML
 
PDF
Max Muscle Sports Nutrition Supplement Guide for 2013
byRich Carr
 
PPTX
Computer basics
byJANGID_ML
 
PDF
Does This Theme Make My Website Look Fat? (Wordcamp SLC 2013)
byAdam Dunford
 
PDF
Computer basics for all . jangid ml
byJANGID_ML
 
PPTX
Kat.ppt
byDith Jose
 
PDF
Enginemanagementsystemfinal 141115224136-conversion-gate01
byAxu Batax
 
KEY
Improving Your Website's Usability for Happier Visitors & Stickier User Exper...
byAdam Dunford
 
PPTX
Softwares . jangid ml
byJANGID_ML
 
PPTX
Html tags
byGaurav Jaiswal
 
PPT
Apple and sugar feeding in adult codling moths
byDith Jose
 
PPTX
2011 Reclame Presentatie V5 2011
byJo van den Berg
 
PPTX
E learning ..jangid ml
byJANGID_ML
 
PDF
The rajasthan educatonal service rules 1970
byJANGID_ML
 
Tablet pc by jangid
byJANGID_ML
 
Assignment 1
byĐàm Tư
 
Munduko lantegiak ausoko tailerrak slideshare
bylauroteknologia
 
Nola marraztu seinale bat geometria
bylauroteknologia
 
Computer basics
byJANGID_ML
 
Scs5export
bysarahhillwheeler
 
Computer virus
byJANGID_ML
 
Max Muscle Sports Nutrition Supplement Guide for 2013
byRich Carr
 
Computer basics
byJANGID_ML
 
Does This Theme Make My Website Look Fat? (Wordcamp SLC 2013)
byAdam Dunford
 
Computer basics for all . jangid ml
byJANGID_ML
 
Kat.ppt
byDith Jose
 
Enginemanagementsystemfinal 141115224136-conversion-gate01
byAxu Batax
 
Improving Your Website's Usability for Happier Visitors & Stickier User Exper...
byAdam Dunford
 
Softwares . jangid ml
byJANGID_ML
 
Html tags
byGaurav Jaiswal
 
Apple and sugar feeding in adult codling moths
byDith Jose
 
2011 Reclame Presentatie V5 2011
byJo van den Berg
 
E learning ..jangid ml
byJANGID_ML
 
The rajasthan educatonal service rules 1970
byJANGID_ML
 

Similar to Itis pentest slides hyd

PDF
The Art of Penetration Testing in Cybersecurity.
byExpeed Software
 
PDF
An overview of network penetration testing
byeSAT Publishing House
 
PDF
WTF is Penetration Testing
byNetSPI
 
PPTX
WTF is Penetration Testing v.2
byScott Sutherland
 
PPTX
Assessing a pen tester: Making the right choice when choosing a third party P...
byJason Broz, CIPP/US
 
PDF
PENETRATION TESTING LECTURE SLIDES start
byDorcask3
 
PDF
Penetration testing tutorial
byHarikaReddy115
 
PDF
What is pentest
byitissolutions
 
PDF
AN OVERVIEW OF PENETRATION TESTING
byIJNSA Journal
 
PDF
Asegurarme de la Seguridad?, Un Vistazo al Penetration Testing
bySoftware Guru
 
PDF
Penetration testing using metasploit framework
byPawanKesharwani
 
PDF
IRJET- A Study on Penetration Testing using Metasploit Framework
byIRJET Journal
 
PDF
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
byIRJET Journal
 
PDF
Top 5 Penetration Testing Methodologies Every Ethical Hacker Should Know.pdf
bydaksh908982
 
PPT
Pentesting hygt frde education of engi.ppt
byasranausheenasra
 
PDF
Understanding Penetration Testing.pdf
byBenard76
 
PDF
Introduction to Penetration Testing - By Cyber Expert Amish Patel - 8690029004
byAmish Patel
 
PPTX
Ethical Hacking and Defense Penetration
byJay Nagar
 
DOCX
PENETRATION TESTING METHODOLOGY PROJECT TEMPLATE .docx
bydanhaley45372
 
DOCX
PENETRATION TESTING METHODOLOGY PROJECT TEMPLATE .docx
bykarlhennesey
 
The Art of Penetration Testing in Cybersecurity.
byExpeed Software
 
An overview of network penetration testing
byeSAT Publishing House
 
WTF is Penetration Testing
byNetSPI
 
WTF is Penetration Testing v.2
byScott Sutherland
 
Assessing a pen tester: Making the right choice when choosing a third party P...
byJason Broz, CIPP/US
 
PENETRATION TESTING LECTURE SLIDES start
byDorcask3
 
Penetration testing tutorial
byHarikaReddy115
 
What is pentest
byitissolutions
 
AN OVERVIEW OF PENETRATION TESTING
byIJNSA Journal
 
Asegurarme de la Seguridad?, Un Vistazo al Penetration Testing
bySoftware Guru
 
Penetration testing using metasploit framework
byPawanKesharwani
 
IRJET- A Study on Penetration Testing using Metasploit Framework
byIRJET Journal
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
byIRJET Journal
 
Top 5 Penetration Testing Methodologies Every Ethical Hacker Should Know.pdf
bydaksh908982
 
Pentesting hygt frde education of engi.ppt
byasranausheenasra
 
Understanding Penetration Testing.pdf
byBenard76
 
Introduction to Penetration Testing - By Cyber Expert Amish Patel - 8690029004
byAmish Patel
 
Ethical Hacking and Defense Penetration
byJay Nagar
 
PENETRATION TESTING METHODOLOGY PROJECT TEMPLATE .docx
bydanhaley45372
 
PENETRATION TESTING METHODOLOGY PROJECT TEMPLATE .docx
bykarlhennesey
 

Recently uploaded

PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
PDF
December Patch Tuesday
byIvanti
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PPTX
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
PPTX
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PDF
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
December Patch Tuesday
byIvanti
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 

Itis pentest slides hyd

  • 1.
    Penetration Testing Akhil,CEH,CCSP ITIS Solutions Pvt Ltd, India
  • 2.
    Before We Start  My Introduction.  Audience Type.  Expectations from this presentation.  Disclaimer.  Not a professional Tester  Based on my learning, Understanding.
  • 3.
    Agenda  Background.  What is Penetration Testing.  Need for Penetration Testing.  Methods and Techniques of Pen Test.  Demo.  Tiger tools.  MetaSploit.  ExploitTree  Whopix.  ERD Commander(local Password Craking).  Questions.  Resources.
  • 4.
    Background What isPenetration Testing  A form of stress testing, which exposes weaknesses or flaws in a computer system.  Art of finding an open door.  A valued assurance assessment tool.  PT can be used to find Flaws in  Policies  Specifications  Architecture,  Implementation,  Software,  Hardware,  And many more………………
  • 5.
    Background Need forPenetration Testing  To find poorly configured machines.  Verify that security mechanisms are working.  Help organizations to tighten the Security system. FACT!!!! 99.9% secure = 100%vulnerable!
  • 6.
    Methods and Techniquesof Pen Test.  Black Box  zero-knowledge testing  Tester need to acquire the knowledge and penetrate.  Acquire knowledge using tools or Social Engineering techniques  Publicly available information may be given to the penetration tester, Benefits: Black box testing is intended to closely replicate the attack made by an outsider without any information of the system. This kind of testing will give an insight of the robustness of the security when under attack by script kiddies
  • 7.
    Methods and Techniquesof Pen Test. White Box  complete-knowledge testing  Testers are given full information about the target system they are supposed to attack .  Information includes ,  Technology overviews,  Data flow diagrams  Code snippets  More….. Benefits:  reveals more vulnerabilities and may be faster.  compared to replicate an attack from a criminal hacker that knows the company infrastructure very well. This hacker may be an employee of the company itself, doing an internal attack
  • 8.
    Methods and Techniquesof Pen Test. Gray-box or crystal-box test The tester simulates an inside employee. The tester is given an account on the internal network and standard access to the network. This test assesses internal threats from employees within the company.
  • 9.
    Methodology of PenetrationTesting. There are NO formal methods of Penetration testing!!!!!!!!  Typically has Seven Stages  Scope/Goal Definition  Information Gathering  Vulnerability Detection  Information Analysis and Planning.  Attack& Penetration/Privilege Escalation.  Result Analysis & Reporting.  Cleanup. REPEAT
  • 10.
    Methodology of PenetrationTesting. STAGE 1: Scope/Goal Definition  Which attacker profile the tester will use  Hacker with no knowledge about the target.  Hacker with knowledge about the target.  Internal user with access.  Which systems or networks the test will be conducted.  How long will the test last.
  • 11.
    Methodology of PenetrationTesting. STAGE 2: Information Gathering.  Information about the Targets.  Publicly available information( WWW.Arin.net, nslookup)  Technical Information provided by organisation.
  • 12.
    Methodology of PenetrationTesting. STAGE 3: Vulnerability Detection.  Manual Detection  manually probe the target host for common misconfigurations or flaws because a vulnerability scanner can fail to identify certain vulnerabilities.  Ex: database configurations etc….  Using Software.  Use of commercial or Freeware Scanners to enumerate known flaws or vulnerabilities , Ex: Retina ,Hfnectcheck, GFI Languard, Nikito, nmap so on. PLENTY TOOLS available in Market/Internet.
  • 13.
    Methodology of PenetrationTesting. STAGE 4: Information Analysis and Planning.  Collating the information gathered in previous stages.  Preparation of High level attack planning  Overall Approach  Target identification.
  • 14.
    Methodology of PenetrationTesting. STAGE 5: Attack & Penetration/Privilege Escalation. Has Two Sub Stages  I. Attack & Penetration  Known/available exploit selection  Tester acquires publicly available s/w for exploiting.  Exploit customization  Customize exploit s/w program to work as desired.  Exploit development  Develop own exploit if no exploit program available.  Exploit testing  Exploit must be tested before formal Test to avoid damage.  Attack.  Use of exploit to again unauthorized access to target
  • 15.
    Methodology of PenetrationTesting. STAGE 5: Attack & Penetration/Privilege Escalation.  II. Privilege Escalation  What can be done with acquired access/privileges.  Alter.  Damage.  What not …… Repeat the Stages (2 to 5)
  • 16.
    Methodology of PenetrationTesting. STAGE 6:Result Analysis & Reporting Organize Data/related results for Management Reporting.  Consolidation of Information gathered.  Analysis and Extraction of General conclusions.  Recommendations.
  • 17.
    Methodology of PenetrationTesting. STAGE 7:Cleanup Cleaning of all that has been done during the testing  Any System alterations  Exploits
  • 18.
    Resources.  Guidelines  OSSTMM :The Open Source Security Testing Methodology Manual.  OWASP :Open Web Application Security Project.  Tools  NMAP,Nikito,John,CAIN&able and many more………….  Whopix  Tigertools (Commercial Tool)  Metasploit.  ExploitTree.  Core Impact (Commercial Tool)
  • 19.
  • 20.
  • 21.
  • 22.
    Demos  DCOMvulnerability using ExploitTree.  Password Cracker –Tiger Tools.  WHOPIX.  Security Auditor.  Pasword Craking (Raptor Chown-Recorded Demo).  ExploitTree.  MetaSploit.
  • 23.