[Hack]in(sight) Vol.2 No.13
Metasploit is a penetration testing platform that enables you to find, exploit, and validate vulnerabilities. The platform includes the Metasploit Framework and its commercial counterparts: Metasploit Pro, Express, Community, and Nexpose Ultimate.
This release covers popular vulnerability scanning and the usage of vulnerability scanners. Vulnerability scanners are useful tools that can help you quickly find potential security flaws on a target. However, there are times when you may want to avoid detection and limit the amount of noise you create. In these cases, you may want to run some auxiliary modules, such as the FTP, SMB, and VNC login scanners, to manually identify potential vulnerabilities that can be exploited. Manual vulnerability analysis is considerably more time consuming and requires research, critical thinking, and in-depth knowledge on your part, but it can help you create an accurate and effective attack plan.
Moreover, you will read about Browser Autopwn 2. Browser Autopwn is the easiest and quickest way to explicitly test browser vulnerabilities without having the user to painfully learn everything there is about each exploit and the remote target before deployment. In this article you will learn how you can take advantage of it to maximize your vuln validation or penetration testing results.
At the end of this release we will present you Black Hat article covering practical usage of TOR and technical tutorial how to configure TOR in Kali Linux to access Deep Web. This article will explain in details how to access hidden web services which only can be seen and visited if you are using TOR so you will be able to explore the website where number of other website links are available in one place to access many hidden web services such as Bitcoins, selling and purchasing drugs, Gungs business, illegal VISAs and work permit, selling and buying Citizenship of US & UK etc. Nowadays, anyone can access the Deep Web, navigating the world beyond Google definitely requires know-how. Unlike the graphical, HTML-based "surface Web," no one is holding your hand in the Deep Web. The point is that it's not accessible; if you have to ask, you're not supposed to be there.
We hope you will enjoy all the technical aritcles in this release.
Hack Insight Team
Page 4: The New Metasploit Browser Autopwn: Strike Faster and Smarter
Browser Autopwn 2 is Metasploit's new shiny weapon that reflects how hackers today carry out browser attacks against real targets, from amateur level to APT (Advanced Persistent Threat), which ultimately affects every user on the Internet both personally and financially. If you would like to give Browser Autopwn 2 a try to see how you can defend against it, it is now available in upstream master.
Page 16: How to configure TOR in Kali Linux to access Deep Web
Nowadays, anyone can access the Deep Web, navigating the world beyond Google definitely requires know-how. Unlike the graphical, HTML-based "surface Web," no one is holding your hand in the Deep Web. The point is that it's not accessible; if you have to ask, you're not supposed to be there.
Page 42: Hacking with Metasploit - Exploitation
In this article we will discuss the exploitation phase. This is the phase where we gain access to the target machine. We will go deeper into metasploit, its commands and its features a bit later, this is a brief overview combined with an example to get you thinking about some of the things that you can do.
Page 52: Python Network Recon Framework: Ivre
IVRE (Instrument de veille sur les réseaux extérieurs) or DRUNK (Dynamic Recon of UNKnown networks) is a network recon framework, including two modules for passive recon (one p0f-based and one Bro-based) and one module for active recon (mostly Nmap-based, with a bit of ZMap).
For more technical articles available on our website, subscribe to Hack Insight and receive:
--> 24 unique magazine editions per one year.
--> Access to all the previous releases from the archives.
--> Access to special publications, workshops and video tutorials.