Sunday, September 30, 2007

Metasploit Toolkit Book First Thoughts

thanks to a pretty good uh-oh on the framework list I got an ecopy of the new book. I'm only thru chapter 3 which really contained nothing not already out there. some of the other chapters look a bit more promising. For example you build a voip aux module (of course MC already got his working in like 5 minutes ) then you go into some case studies. two initial gripes are 1) the warez is old, out of 5 case studies i found the software for only 2 of them. A case study is worthless if you cant do it yourself (but they dont do warFTP which is good). 2) is that the exploits are written for the 2.x branch. Anyone that keeps up with MSF knows that 2.x is dead, so it certainly takes down from the value of the book for the examples to be in 2.x it wouldn't have been to hard to port them and make the book much more current.

again, this isnt the review i'm only thru chapter 3, just some initial thoughts. when i do the review i'll probably have to tackle it from two view points. 1) from someone who doesnt know anything at all about metasploit and 2) from someone who has been using the MSF for awhile. we'll see how that goes...


No comments: