Metasploit 3.0 security testing tool -- free, easy and improved

Security testing tools Windows security toolbox: Free testing tools Metasploit: A penetration testing tool you shouldn't be without

In addition to faster loads and better module organization that everyone can benefit from, security testing-related enhancements to Metasploit version 3.0 include:

• Interactive scripting capabilities via the Meterpreter and a client API that allows for direct memory reads/writes from/to exploited systems
• Routing capabilities that allow the relaying of attacks through compromised systems
• Ability to import Nessus and Nmap output files for cross-referencing host vulnerabilities supported on target systems. This is a major time saver, especially on larger networks! If you want to use a vulnerability scanner other than Nessus, the Metasploit Framework Web site and Web Console have good search capabilities and a list of current exploits.
• Large list of Windows-centric exploits including Wi-Fi driver exploitation capabilities

Enhanced extensions that support exploitation tricks such as file and process manipulation, port forwarding, command execution, Windows password hash dumps and covering your tracks

• IDS/IPS evasion options that alter the way exploits are carried out
• Multiple concurrent host exploitation via Ruby's built-in process threading

Metasploit currently has 176 exploits, 104 payloads and even some handy auxiliary modules for DoS testing, host discovery and more. It's also worth noting that this security testing tool now comes pre-packaged with the netcat, Putty and VNC tools for easy access if you need them during your security testing. The application installs quickly and easily in Windows using its Web interface by default as shown in Figure 1.

Figure 1: Metasploit's Web Console provides easy access to what you need for security testing.

There's also a GUI application (msfgui) in development that takes Metasploit to the next level.

The best way to upgrade your skill set and increase your security testing knowledge is to learn from others and get your hands dirty with experience. Learning about Metasploit is no different. It doesn't have a one-hour learning curve, but thankfully there are a growing number of resources you can turn to in order to enhance your Windows security testing.

Metasploit 3.0 is a whole new beast. Although the new version is much more comprehensive and complex, it's still relatively easy to use. The price is right too -- it's a free download. If you perform security testing and, like me, long to obtain remote control of the systems you're testing, get the latest version of Metasploit and give it a whirl. It won't be able to exploit every vulnerability you find -- no tool or reasonable amount of manual testing will. But it does a lot. A couple of commercial alternatives may allow you to dig in deeper if you can justify the cost. I tend to recommend commercial security tools over their freeware and open source counterparts, but this version of Metasploit debunks the adage "you get what you pay for." Beyond the shadow of a doubt, it will raise your Windows security testing capabilities and results a few notches.

About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has nearly two decades of experience in IT and specializes in performing information security assessments regarding compliance and risk management. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He's also the creator of the Security On Wheels information security audio programs providing security learning for IT professionals on the go. Kevin can be reached at kbeaver@principlelogic.com.