Ever since Kali 2.0 is released, I'm worried if Metasploit framework is enough for me. The Question: What is the big difference? So far I can tell is that: 1. framework is all command-line while Express and Pro are GUI based 2. in framework there is no automation, while Pro version provides one-click solution 3. framework is open source thus AV can detect it easily, Pro version provides dynamic code to avoid AV detection So I need clarifications on above points Plus if there is difference between exploits available? NOTE:I'm a beginner with no experience with metasploit, so which one would be better for me
Maybe a naive answer as i havent used Kali v2 yet. I'll certainly be doing my due diligence. Why not have VMs of both versions? No security patches for Kali v1.x ?
I don't believe the core Metasploit has changed in the Kali v2. But haven't cranked it up yet. This link should help out a bit. https://www.offensive-security.com/metasploit-unleashed
my problem is not the automation of commands, but the availability of exploits. Do they have the same exploits?
Dude, finally a nice piece of tutorial for a beginner like me! Link is cool! :) Thanks a BILLION! Dojo@yobuddy4 thanks for the link
i am loving this forum. i only have a challenge. honestly i am new in this game of penetration testing and hacking. the courses here are quiet not sufficient enough to help a novice like me make it in the ICT world. guys i need help... can you help me with e-books, sites that can help me achieve my aim of being a good penetration tester and hacker.... thanks...
@charlex32 Hi, You can check out my All in One Study Guide Topic i posted in Computer Hacking and Forensics section for more help ;) -- xMidnightSnowx
> @yobuddy4 thanks for the link
Actual credit goes to @D0jo @yobuddy Thanks. I think the link below will help out as a really well put together supplement to the Ethical Hacking Pentest course. MIT offers a free online class with lecture notes, lecture videos and labs. Everything can also be downloaded local with the zip file they offer with exception being the videos and VMs. All Videos can be manually downloaded. A bit of a pain but well worth it. http://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/download-course-materials I'm curious as to what you think about it. Each video lecture is approximately an hour and 20 minutes so carve out some time.
@D0jo it seems like a defensive approach (haven't seen it completely though) but it will definitely be useful to see the other side of the picture to better attack the target :P You ROCK!
All metasploit versions contains the same exploits. As for the pro version, it is very expensive and aimed for professional penetration testers.
@Johan_Grotherus thanks. Can you also confirm that if my assumption is right that express/pro version (apart from being $5000) differ in automation of exploits? Same type of hack can be performed by framework with extra effort, or my making on customized tool package?
@yobuddy Its available on iTunes University for free as well. You just need an iPad. The great thing about going through iTunes U is that you can download the lectures (which are relatively lengthy- its as long as a college class session) for offline use.
@grotherus - That's good to know. I was pretty sure Metasploit was an entity of its own in regard to being used on different versions of Kali, but I hadn't checked that assumption. You saved me time that I can spend on something else.