Week 5: Reading, Question, and In The News

It looks like I may be confused about what’s expected this week…

Reading: Metasploit Unleashed – MSF Extended Usage and Metasploit GUIs. This weeks’ reading introduced us to a broad range of tools and techniques for working with and extending the Metaploit Framework to conduct and improve penetration testing during pre-exploitation, exploitation, and post-exploitation activities.  I am particularly intrigued by the exploit presented where msfvenom is used to create an EXE file, which when inadvertently run by a user, compromises their Apple computer’s OS X and takes over the camera for unexpected picture taking of the user.

Question for the Class: Which language is Mimikatz using to communicate with the user in the screen and on the command line?

In The News:  “Export Treaty to Get Rewrite in Win for Security Industry”, by Phil Muncaster, Feb. 4, 2016. Good news for white hats this week after US Department of Commerce stepped back from a rule agreed to in the Wassenaar Arrangement among 41 countries to prevent export of dual-use technologies to criminal organizations and repressive regimes.  The Government will now seek public comment on a revised draft rule pertaining to a controversial clause in a weapons export pact which threatens to severely limit the use of legitimate security testing tools for finding software flaws.

http://www.infosecurity-magazine.com/news/export-treaty-get-rewrite-win/