-
Assessment Methodologies – Enumeration CTF 1
•
5 min read
Lab number 3, utilising the following tools > This time, I only have familiarity with the first two. I am aware of the others, and may have used Hydra in the past on another abandoned learning journey when attempting to brute force. So, as usual, I start with checking out where I am and what…
-
SMTP Enum
•
1 min read
Not a lot to say with this one. It was pretty brief and straight-forward. The downside is I won’t have enough time to get the CTF completed in today’s learning window, so I’ll have to do that another time. It looks tricky though, so I’m looking forward to it.
-
MySQL / SSH Enum
•
1 min read
More enumeration covered with assistance from the Metasploit framework… Next is SMTP, then another lab / CTF.
-
HTTP Enum
•
1 min read
Some light webserver enumeration (Apache focused, really) using MSFConsole.
-
FTP / SMB Enum
•
1 min read
Via MSF, and using global variables. On my way to becoming a script kiddie lol.
-
MSF Auxiliary Modules
•
1 min read
Just some basic port / service discovery, with a cheeky pivot via a meterpreter session made possible by a XOMA exploit. Good fun.
-
Nmap + MSF
•
1 min read
Not as much time to study today, unfortunately. I was only able to cover a couple of small modules rehashing exporting Nmap scans to XML, then importing into MSF for organisation. Thanks H.D. Moore!
-
Nmap Output Files & Zenmap
•
1 min read
Took a look at these two topics today. XML output to import into Metasploit looks tasty, ngl. On to the next module, more in depth enumeration!
-
Nmap Scan Optimisation
•
1 min read
Optimising for success, either via stealth or speed. Timing templates vs specified delays / timeouts… Output formats are next, followed by a quick look at Zenmap too.
-
Second lab time, with the best tools listed for this lab being: So I start with checking out where I am and what I’m scanning. ifconfig gives me my IP and subnet, a quick scan on that with nmap -sn <subnet> tells me I’m going to be looking at 192.244.169.3 (aka target.ine.local). Flag 1: The server…