background preloader

Metasploit Unleashed

Metasploit Unleashed
This free information security training is brought to you in a community effort to promote awareness and raise funds for underprivileged children in East Africa. Through a heart-warming effort by several security professionals, we are proud to present the most complete and in-depth open course about the Metasploit Framework. This is a free online course and if you enjoy it and find it useful, we ask that you make a donation to the HFC (Hackers For Charity), $9.00 will feed a child for a month, so any contribution is welcome. We hope you enjoy this course as much as we enjoyed making it.

http://www.offensive-security.com/metasploit-unleashed/Main_Page

Related:  SecurityEthical HackingInformationalpen-testing

How to Create a SSH Tunnel Through Your Seedbox IP (Proxy for Your Home PC) Faster torrents, high connectivity and seed-ability are notably the primary reasons why most of us opt to use a seedbox. Fair enough - but a seedbox (server) can be used to implement a variety of tasks that extend far beyond just torrenting. We’ll explain how you can run a SSH tunnel through your seedbox server, in order to use your seedbox’s IP address as a proxy on your local machine (home PC). And it works for most Internet apps that support SOCKS5 (web browser, IRC/MSN, even a home uTorrent client). Blue For The Pineapple …. Background The WiFi Pineapple, was a device coined by the Hak5 (www.hak5.org) Team back in 2008. Originally it was a hacked Fon/Fonera AccessPoint (AP) with Karma patches applied to hostapd. Back then Digninja (Robin wood) called it Jasager ( it was called this because the AP software answered “Yes” to all WiFi Beacon Frames; if a WiFi client was looking for the SSID BTOpenzone the Pineapple(or Jasager) would reply “That’s Me!”, if a second WiFi client was looking for an SSID of Starbucks, again the Pineapple would reply “Thats Me!”

Information Security Policies and Procedures Part 2 This is part of an ongoing series on documentation development. Please be sure to read the previous posts in this series: Part 1Knowing which policies are necessary in your environment can be a challenge. Most organizations will have at least some formalized policies. Many of these are in response to legal requirements (HR policies) or specific incidents. After someone leaves their laptop in the car trunk for 6 hours on a 100 degree day, a policy on the care of equipment is generally issued. With policies and procedures, it is essential to be proactive rather than reactive.

Armitage Tutorial - Cyber Attack Management for Metasploit About ArmitageBefore we begin... Getting StartedHow to get any woman to talk to you User Interface TourSo many pretty screenshots Host ManagementYou've got to find them to hack them. ExploitationThis is the fun stuff Post-ExploitationThis is the really fun stuff ManeuverGetting around the network and on to more targets Team MetasploitThis is cyber attack management! Scripting ArmitageThe next step... 1.1 What is Armitage? Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.

Beginner's Guide to Nmap Ever wondered how attackers know what ports are open on a system? Or how to find out what services a computer is running without just asking the site admin? You can do all this and more with a handy little tool called Nmap. What is Nmap? Short for "network mapper," nmap is a veritable toolshed of functionality to perform network scans. It can be used for security scans, simply to identify what services a host is running, to "fingerprint" the operating system and applications on a host, the type of firewall a host is using, or to do a quick inventory of a local network. The Crypto Anarchist Manifesto From: tcmay@netcom.com (Timothy C. May) Subject: The Crypto Anarchist Manifesto Date: Sun, 22 Nov 92 12:11:24 PST Cypherpunks of the World, Several of you at the "physical Cypherpunks" gathering yesterday in Silicon Valley requested that more of the material passed out in meetings be available electronically to the entire readership of the Cypherpunks list, spooks, eavesdroppers, and all. <Gulp> Here's the "Crypto Anarchist Manifesto" I read at the September 1992 founding meeting.

IntroX86 Creator: Xeno Kovah @XenoKovah License: Creative Commons: Attribution, Share-Alike ( Blocking Unwanted Parasites with a Hosts File Special Note: new Windows 10 users ... the MVPS Hosts file installs just fine, no need to make any changes. Simply follow the instructions for Windows 8. What it does ... You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers.

Every Day is Zero Day: Installing Metasploit and Armitage on Mac OSX 10.9 Mavericks Like most people out there, I have tried to install Metasploit and Armitage using other blog posts first and found that the process failed somewhere along the line. This is yet another attempt to document my experience with the installation, that does borrow heavily from other sources, with a few minor tweaks. Maybe, just maybe, this is the one that works for you too from start to finish.... Assumptions: I assume that like me, you have a pretty fresh mac to do the installation on. This will probably fail spectacularly if you have macports installed already, or have upgraded from a previous OSX version with metasploit installed. Image Processing using C# Introduction This is my sixth article in C#. I got impressed with a similar article, so I tried this. Overview The purpose of the article is to be able to build a class that allows any C# programmer to perform image processing functionality.

Crypto-anarchism Described by Vernor Vinge, crypto-anarchy is more specifically anarcho-capitalist, employing cryptography to enable individuals to make consensual economic arrangements and to transcend national boundaries. Etymology[edit] The "crypto" in crypto-anarchism should not be confused with the use of the prefix "crypto-" to indicate an ideology or system with an intentionally concealed or obfuscated "true nature". Linux and Open source PortSpoof – An interesting anti-snooping tool for Linux - Vimperator Fool those who try to portscan your system! The Portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure.

Information Security Policies and Procedures Part 1 Note: This is part of an ongoing series on documentation development. Policy writing can be a daunting task, and one for which many are not overly enthused. However, Policies and Procedures are an integral part of any information security program. Not only do they provide direction and accountability, many specific policy elements are a requirement of specific laws, regulations, and/or standards. In this multipart series, I will work to help you become comfortable writing policies and their associated procedures.

Debian / Ubuntu: Set Port Knocking With Knockd and Iptables My iptables based firewall allows only port TCP 80 and 443. I also need tcp port # 22, but I do not have static IP at my home. How do I open and close TCP port #22 on demand under Debian or Ubuntu Linux based server systems? How do I install a port-knock server called knockd and configure it with iptables to open tcp port #22 or any other ports? Debian or Ubuntu Linux comes with knockd.

Related:  HackingHackOpen CoursewareMetasploitHacking1seguridad