HD Moore on Metasploit, Exploitation and the Art of Pen Testing

by    April 02, 2010, 6:17PM

Dennis Fisher talks with HD Moore, the founder of the Metasploit Project and the chief security officer at Rapid7, about the evolution of Metasploit, the difficulty of client-side exploitation in the age of DEP and ASLR and the decision on when to publish an exploit.

Related Posts

*Podcast audio courtesy of sykboy65

Subscribe to the Digital Underground podcast on 

 

Categories: Malware, Podcasts, Social Engineering, Vulnerabilities

Comment (1)

  1. Anonymous
    1

    Art tho it may be, the pen-test in but only one small facet of the IT management process. Scanned and Fully-patched are still highly susceptible to all matter of threats and misuse. Elevating the pen-test to art form, which by itself won’t keep a network fully secure, it akin to milking a cow with satin gloves and claiming product is silky smooth.

Comments are closed.

Recommended Reads

incomplete_java_patch
January 11, 2013, 8:18PM
Categories: Malware, Vulnerabilities

Incomplete Java Patch Paved Way for Latest Zero Day Mess

by

The exploit targeting the latest zero-day vulnerability in the Java platform is dropping ransomware, and has been found in another exploit kit. Security experts, including U.S.-CERT last night, advise users and IT managers to disable Java on endpoints and browsers. Meanwhile, Polish security researcher Adam Gowdiak of Security Explorations, said the attacks target a pair of vulnerabilities, one of which was reported to Oracle in September and patched, apparently incompletely, in October.

Read more...