0 min
Metasploit
Metasploit and PTES
One of our Metasploit contributers, Brandon Perry
[http://twitter.com/#%21/brandonprry], has put together a document detailing the
recently released Penetration Testing Execution Standard
[http://www.pentest-standard.org/index.php/Main_Page](PTES) with the modules and
functionality in the Framework. PTES is a push from a group of testers fed up
with the lack of guidance and the disparate sources of basic penetration testing
information. Brandon's document does a great job detailing disparate par
3 min
Release Notes
Exploit for critical Java vulnerability added to Metasploit
@_sinn3r [http://twitter.com/_sinn3r] and Juan Vasquez
[https://twitter.com/#!/_juan_vazquez_] recently released a module which
exploits the Java vulnerability detailed here
[http://schierlm.users.sourceforge.net/CVE-2011-3544.html] by mihi and by Brian
Krebs here
[http://krebsonsecurity.com/2011/11/new-java-attack-rolled-into-exploit-kits].
This is a big one. To quote Krebs: "A new exploit that takes advantage of a
recently-patched critical security flaw in Java is making the rounds in the
cri
2 min
Metasploit
Password Cracking in Metasploit with John the Ripper
HDM recently added password cracking functionality to Metasploit through the
inclusion of John-the-Ripper in the Framework
[http://dev.metasploit.com/redmine/projects/framework/repository/revisions/13135]
. The 'auxiliary/analyze/jtr_crack_fast
[http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/analyze/jtr_crack_fast.rb]
' module was created to facilitate JtR's usage in Framework and directly into
Express/Pro's automated collection routine. The module works