Short workshop pentesting (Nessus/Metasploit) - how to build the lab?

Experts,

For a small IT Service Management team I want to organize a small, hands-on workshop of 1 hour to teach the basics of scanning for vulnerabilities with Nessus and exploiting vulnerabilities, preferably with Metasploit.

I'm looking for a particularly vulnerable version of Linux to include in the testlab. I've heard about Damn Vulnerable Linux, but then again I also heard that it is more tailored towards web application security.

Any thoughts?
gwxAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
btanConnect With a Mentor Exec ConsultantCommented:
That is all right but preferred more specific like  Metasploitable 1/2 and web apps is a good means to reveal more of scanner capability as well e.g. OWASP Broken Web Applications

https://securitystreet.jive-mobile.com/#jive-document?content=%2Fapi%2Fcore%2Fv2%2Fdocuments%2F1875

Couple of vulnerable web apps
http://blog.taddong.com/2011/10/hacking-vulnerable-web-applications.html
0
 
btanExec ConsultantCommented:
Good to jote the testing done involving nessus with metasploitable too
http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/
0
 
gwxAuthor Commented:
I can work with this, thx.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.