[TriLUG] 10/4 ISSA - Building Metasploit Skills

Mon Sep 24 15:48:12 EDT 2012

Our February 2011 meeting on "Backtrack and Metasploit" was one of the 
most widely-attended TriLUG meetings in recent history... we had over 
100 people at our meeting!

The very same presenter, Ryan Linn, is putting on another Metasploit 
program, this time for ISSA.

 From http://raleigh.issa.org/events.html ....

*October Chapter Meeting * - October 4, 2012, at 6:00 PM

/Sponsored By:/ *Raleigh ISSA Chapter <http://raleigh.issa.org/> *

/Location:/ McKimmon Center <http://www.mckimmon.ncsu.edu/mckimmon/> in 
Raleigh, North Carolina located 
<http://raleigh.issa.org/directions.html> on the campus of NC State 
University.

/Presentation:/*Building Metasploit Skills *

There are books, articles, and demos online on how to use Metasploit, 
the open source penetration testing toolkit. Metasploit is a tool to 
leverage community contributed exploits and tools to profile systems, 
fingerprint services, and then exploit software vulnerabilities and 
configuration weaknesses. Figuring out how to leverage Metasploit is one 
of the hardest steps that new penetration testers have. Come see how to 
build your skills using the Metasploitable distribution, and then see 
how these same skills are applicable in a real penetration test. Once 
we've gone through some basic exploitation, we will do a 15 minute 
scenario of how quickly a penetration test can turn from basic network 
access to domain admin access and more. While many demonstrations have 
contrived scenarios, this will be a walkthrough of one of the most 
common scenarios we see in daily penetration testing, and best of all, 
it requires no typical exploits to work, just configuration weaknesses.

If you decide you want some hands on experience once you've seen some of 
the basics, DC919 has an open invitation to the community to attend a 
workshop on Learning Metasploit with Metasploitable. This workshop will 
be a two hour hands on workshop where you will enumerate open services, 
find vulnerabilities, exploit them to gain access, and then elevate 
access on a target system. For more information go to 
http://www.dc919.org <http://www.dc919.org>.

/Presenter: /*Ryan Linn*, Senior Consultant, Trustwave's SpiderLabs

Ryan Linn is a Senior Consultant with Trustwave's SpiderLabs 
<https://www.trustwave.com/spiderlabs/> - the advanced security team 
focused on penetration testing, incident response, and application 
security. Ryan is a penetration tester, an author, a developer,and an 
educator. He comes from a systems administration and Web application 
development background, with many years of IT security experience. Ryan 
currently works as a full-time penetration tester and is a regular 
contributor to open source projects including Metasploit and BeEF, the 
Browser Exploitation Framework.

-- 
# ????o? u?l?