I was first introduced to Metasploit at NOLACON around 2013 or so.  I knew about it, but only because I had been watching Hak5 since they were filming out of a garage.  I was extremely interested in all the hacking stuff, but never went into the exploitation side of things.  I took a class by Georgia Weidman that was based on her book, Penetration Testing, a Hands-on Introduction to Hacking.  I read this book, but never did the series of exercises, but definitely had the smell of blood on my palette for exploits.  
Today, I took the next step of applying everything that I had learned.  I did all of the basic steps for setting up metasploit, updating the database, connecting to a machine for an exploit, taking over the machine, elevating privileges, and recording the results.  As I do this, I am constantly adding to the quick reference tools that I have listed within the menus on this site.  Just look for metasploit, and each of the useful commands to help you remember what works well.

As a side note, although metasploit is awesome and extremely capable, I need to keep in mind that some of the exams that I’ll be taking do not allow the use of metasploit.  Therefore, if I find exploits, and know their names, it helps me learn if I do a google on that name and try to run the exploit through code.  This also helps me to learn about what the exploits do because the code is open source.  With metasploit, the modules do not reveal their code, at least not without research, and therefore, everything that happens on the screen is pretty much automatic.

So this was an extremely fun day.  By now, you probably know that the Space-X launch was scrubbed, but it was absolutely a blast watching that, and playing with metasploit at the same time.  What a great afternoon.


Scroll to top