This weekend (Oct 23rd and 24th) I will be in Charleston WV presenting/demoing the Nessus Bridge for Metasploit at Hack3rcon. This will be the first time I’ll have presented anything outside of work and should be lots of fun. Quite a few great speakers that I look forward to meeting.
I’ll post the presentation up here once it’s done for everyone else to take a look at. Actually going to be presenting a few new commands that are not in the metasploit svn version of the plugin.
After Hack3rcon I’ll be back into high gear adding some new functionality to the plugin and branching out into writing a wrapper for Nessus to speak IVIL for Seccubus v2. This is pretty exciting stuff for me. Coming up with a xml format to speak “findings” that is tool agnostic is going to be a great thing. It will mean moving findings between tools, or comparing findings between tools, will be much much easier. Keep a look out for that one.
There has been some talk on the metasploit mailing list this week about using tools such as Nessus to scan through a MSF pivot and into another network. Some interesting discussion and I think it’s something I will dive into in these next few weeks. Start to examine what some of the limitations are and how we might overcome or avoid them.
that’s it for now. have a good weekend.
Posted in Bananas, Security, Stuff, Technology, Things and tagged agnostic, Auto, Bridge, charleston wv, Draft, Hack, hacker convention, look, Metasploit, metasploit framework, nessus, Oct, Presenting, using tools, work, xml format by Zate with no comments yet.
Been a while since I have written.
So what have I been upto? Well. Looking back over old posts let me update a couple of things.
- Got the phone. Ended up with the Nexus One, on ATT, bought it outright (no contract). Totally LOVE this phone. It’s rooted, ROM’d and rockin. Running Cyanogenmod 6 on it. Seriously rocking phone.
- I completed the OffensiveSecurity.com PwV v3.0 course. Did 30 days worth of labs and then sat the exam for my OSCP. Passed it too. Was probably the best training I have ever attended and next to bootcamp for the army, one of the most intense 30 days of my career. Loved every second of it.
- Not working on HFC so much anymore. The project just kind of petered out with Johnny going through some changes over in Uganda. STill keep tabs on it and offer to help where I can.
So, new projects and things coming up, lets see. (more…)
Posted in Bananas and tagged hacker convention, hdm, learning curve, LOVE, Metasploit, nessus, oscp, phone, post, ruby by Zate with no comments yet.