The topics that had the greatest impact for me this semester were Metasploit and Web Application Hacking – Security Shepherd & Web Security Dojo. Setting up our test environments and being able to exploit vulnerabilities in metasploitable or the various challenges from Security Shepherd/Dojo provided a great learning experience. This also allowed me to get additional experience with other tools such as Burp Suite and the topic of virtualization. For me, the best way to learn is to use the tools.
Nessus vulnerability scanning and the metasploit framework I felt had the greatest impact on my learning this semester. While I had previously heard of vulnerability scanners at work during our external penetration assessments I had never actually went in and tried using one. I felt that the assignments and exercises related to Nessus provided me with some good hands on experience in the process around identifying vulnerabilities. Additionally, I thought it was fun taking some of the vulnerabilities that we found in our Nessus and nmap scans and actively trying to deliver payloads to exploit the vulnerabilities.
Surprisingly learning about PortQry – I was able to apply that knowledge the very next day at work. Overall I would say the Wifi module and breakdowns of Kismet and Aircrack-ng
Nessus vulnerability scanning, Going back to the basics always helps with some of the grey area you get when you’re throw into the fire at work. I was able to clear up somethings I wanted to know more about this class really helped with that.
Metasploit, Burp Suite, Nessus, Security Shepherd, and Security Dojo were the most impactful topics for me this semester. Those topics required me to be more “hands on” and use the tools. Although it was frustrating at times, I learn best through trial and error and the experience helped me understand the material better. Additionally, I thought the analysis reports were beneficial as well for the same reason.
Nessus and Metasploit. Run vulnerability scans and generate reports, use Metasploit to set up the test environment, and perform exploits. These are very practical learning experiences. Especially for Metasploit, there are a lot of teaching materials and videos on the Internet, which I can use for more in-depth practice.
The topics that had the greatest impact for me this semester were Metasploit and Web Application Hacking – Security Shepherd & Web Security Dojo. Setting up our test environments and being able to exploit vulnerabilities in metasploitable or the various challenges from Security Shepherd/Dojo provided a great learning experience. This also allowed me to get additional experience with other tools such as Burp Suite and the topic of virtualization. For me, the best way to learn is to use the tools.
Nessus vulnerability scanning and the metasploit framework I felt had the greatest impact on my learning this semester. While I had previously heard of vulnerability scanners at work during our external penetration assessments I had never actually went in and tried using one. I felt that the assignments and exercises related to Nessus provided me with some good hands on experience in the process around identifying vulnerabilities. Additionally, I thought it was fun taking some of the vulnerabilities that we found in our Nessus and nmap scans and actively trying to deliver payloads to exploit the vulnerabilities.
Surprisingly learning about PortQry – I was able to apply that knowledge the very next day at work. Overall I would say the Wifi module and breakdowns of Kismet and Aircrack-ng
I also found the early modules on recoinassance very helpful. I spent a few obessed days writing successful custom recon-ng scripts
Nessus vulnerability scanning, Going back to the basics always helps with some of the grey area you get when you’re throw into the fire at work. I was able to clear up somethings I wanted to know more about this class really helped with that.
Metasploit, Burp Suite, Nessus, Security Shepherd, and Security Dojo were the most impactful topics for me this semester. Those topics required me to be more “hands on” and use the tools. Although it was frustrating at times, I learn best through trial and error and the experience helped me understand the material better. Additionally, I thought the analysis reports were beneficial as well for the same reason.
Nessus and Metasploit. Run vulnerability scans and generate reports, use Metasploit to set up the test environment, and perform exploits. These are very practical learning experiences. Especially for Metasploit, there are a lot of teaching materials and videos on the Internet, which I can use for more in-depth practice.