1. Metaploit
OFFENSIVE HACKING
This is ALEX
This is ETHAN
Forgive us if we give a bad
presentation :’( we’re both NOOBS
unlike Beardo~

2. What is Metasploit for?
 Validate security risks as part of your vulnerability management program.
 Safely simulate attacks on your network to uncover security issues.
 Verify your defenses, security controls and mitigation efforts.
 Measure the effectiveness of your security awareness program.
 Audit password security beyond Windows and Linux logins.

3. Validate Security Risks
There's no way you can address every
threat that comes your way, so spend your
time wisely by validating which security risks
pose a real threat.
 Use Metasploit, our penetration testing
software to:
 Use time efficiently in addressing high-risk
threats that need your attention and
downgrading low-risk threats.
 Gain credibility with stakeholder teams
by delivering remediation reports that
are concise and relevant.

4. Productivity Boost
 Get a little help and be done in half
the time.
 Let our penetration testing software,
Metasploit, manage your data and
automate mundane or repetitive
tasks, making your work more
enjoyable and efficient. Use wizards to
simplify and speed up common jobs;
launch MetaModules to use
advanced offensive security
techniques or for security controls
testing.

5. Attackers Use Automation. So Why
aren't You?
 Stay in control with standard workflows
and let our penetration testing
software, Metasploit, manage all
network and evidence data for you.
Use packaged offensive security
techniques, schedule custom
workflows, and write your own
integrations with the Metasploit Pro
API.

6. Web and Command-line Interfaces
 Everyone has a preference, and you've
got yours. Our penetration testing
software allows you to choose your
favorite user interface - web-based or
command-line - or mix it up!
 New to Metasploit? Use the web-based
interface to reduce the need for
training, and get the job done faster.
 Metasploit veteran? Use the advanced
CLI functionality of Metasploit Pro to get
access to new, high-level
commands, better manage your data
and generate a single report for all
activities.

7. Network Discovery
the penetration testing software allows
you to:
 Scan for available hosts, identifying
open
ports, services, applications, operating
systems and versions.
 Launch a Nexpose vulnerability scan
or access existing results.
 Import reports from over a dozen third-
party network discovery and
vulnerability management solutions.

8. Password Auditing
 Uncover weak passwords on your
network to protect against brute
forcing attacks that go way beyond
Windows and Linux credentials. Test
over a dozen network
services, including SSH, VNC and
telnet. Make intelligent guesses based
on frequently used passwords, custom
dictionaries, vendor default passwords
and data collected from the
environment. Download our
penetration testing software to get
started.

9. Social Engineering
 By using a penetration testing
software, you can see how intruders
could get into your network through
phishing emails, malicious websites
and USB flash drives.
 For ongoing security
programs, measure the security
awareness of your users by sending
phishing emails.

10. Web App Testing
 Audit on-premise and cloud-based
web apps to identify OWASP Top 10
2013 vulnerabilities. Exploit web app
vulnerabilities to demonstrate risk to
applications owners or as part of a
penetration test. Download our
penetration testing software to start
testing your web apps today.

11. Teamwork and Reporting
 Share results and work more
effectively in teams to leverage
individual expertise. Mentor junior
team members by delegating simpler
tasks to them as part of a larger
engagement. Tag assets to assign
hosts to team members.
 And when you're done, generate
reports that reflect the entire team's
work. Choose report templates
depending on the stakeholder and
compliance regulation.