Solved

Short workshop pentesting (Nessus/Metasploit) - how to build the lab?

Posted on 2013-12-04
3
455 Views
Last Modified: 2013-12-04
Experts,

For a small IT Service Management team I want to organize a small, hands-on workshop of 1 hour to teach the basics of scanning for vulnerabilities with Nessus and exploiting vulnerabilities, preferably with Metasploit.

I'm looking for a particularly vulnerable version of Linux to include in the testlab. I've heard about Damn Vulnerable Linux, but then again I also heard that it is more tailored towards web application security.

Any thoughts?
0
Comment
Question by:gwx
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 39697432
That is all right but preferred more specific like  Metasploitable 1/2 and web apps is a good means to reveal more of scanner capability as well e.g. OWASP Broken Web Applications

https://securitystreet.jive-mobile.com/#jive-document?content=%2Fapi%2Fcore%2Fv2%2Fdocuments%2F1875

Couple of vulnerable web apps
http://blog.taddong.com/2011/10/hacking-vulnerable-web-applications.html
0
 
LVL 64

Expert Comment

by:btan
ID: 39697442
Good to jote the testing done involving nessus with metasploitable too
http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/
0
 

Author Closing Comment

by:gwx
ID: 39697522
I can work with this, thx.
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article was originally published on Monitis Blog, you can check it here .   Some years back, I worked as the CTO.  During my tenure, I had a head of IT support reporting to me.  He did his job quite well and had a commendable sense of duty …
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question