Selling your Information Security Team Part 7

Now for the Fun Hacker Ninja work: the Attack VM.  We will use an OS designed for penetration testing that has the tools and a framework to make this job easier: Kali Linux.  We’ve already built a vulnerable Victim VM, so we will take advantage of known vulnerabilities in that build.  This is the build I had the most fun with!

Onward with the Attacker VM.  In order to make the attack sequence easier during a presentation, everything will be scripted.  The best tool for that in Kali Linux is Metasploit.  Each phase of the Cyber Kill Chain introduced at the beginning of the series will have it’s own Metasploit script and will use it’s own set of ports so we can clearly separate each phase for our audience.  Things will be much clearer in the final post wrapping up this series, but for now, onto the fun.

Continue reading “Selling your Information Security Team Part 7”