Posts by jcran

0 min Metasploit

Metasploit and PTES

One of our Metasploit contributers, Brandon Perry [], has put together a document detailing the recently released Penetration Testing Execution Standard [](PTES) with the modules and functionality in the Framework. PTES is a push from a group of testers fed up with the lack of guidance and the disparate sources of basic penetration testing information. Brandon's document does a great job detailing disparate par

3 min Release Notes

Exploit for critical Java vulnerability added to Metasploit

@_sinn3r [] and Juan Vasquez [!/_juan_vazquez_] recently released a module which exploits the Java vulnerability detailed here [] by mihi and by Brian Krebs here []. This is a big one.  To quote Krebs: "A new exploit that takes advantage of a recently-patched critical security flaw in Java is making the rounds in the cri

2 min Metasploit

Password Cracking in Metasploit with John the Ripper

HDM recently added password cracking functionality to Metasploit through the inclusion of John-the-Ripper in the Framework [] . The 'auxiliary/analyze/jtr_crack_fast [] ' module was created to facilitate JtR's usage in Framework and directly into Express/Pro's automated collection routine. The module works