Clik here to view.
Metasploitable – Gaining Root on a Vulnerable Linux System
As I mentioned in my previous post, Metasploitable is a purposefully vulnerable Ubuntu 8.04 image that is running several unpatched services. Metasploitable is a great platform to practice and develop...
View ArticleClik here to view.
Metasploitable 2 Tutorial Part 1: Checking for open Ports with Nmap
I mentioned a week or two ago that we would take a closer look at Metasploitable 2.0, the purposefully vulnerable Linux virtual machine used for learning security tactics and techniques. In this intro,...
View ArticleClik here to view.
Book Review: “Advanced Penetration Testing for Highly Secured Environments:...
You may have layers of security, popularly known as “Defense in Depth”, but are your security features setup properly? Are their configuration errors that a vulnerability scan will not find? What...
View ArticleClik here to view.
Mutillidae Database Errors in Metasploitable 2
I really enjoy using Mutillidae, it is one of my favorite teaching tools. I usually run it on a Windows box, but when I went to use it in the Metasploitable 2 VM I was getting a lot of database errors....
View ArticleClik here to view.
Mass Scanning a Website for File Inclusion Vulnerabilities using Fimap and...
Fimap by Iman Karim (https://tha-imax.de/git/root/fimap) is a great tool to scan a website for File Inclusion vulnerabilities. In this short tutorial I show how to scan the entire Metasploitable2...
View Article