A vulnerability assessment is only part of a full security sweep. After vulnerabilities are identified or misconfigurations are discovered, the security assessor should strive to actually exploit these vulnerabilities. The reasons for taking the assessment to the exploitation stage are numerous, but the most important parts are to eliminate false positive findings and to demonstrate the full criticality of potentially severe findings.

There is very little that will catch a Director of IT or CIO's attention faster than exfiltrating sensitive data from a supposedly secured system!

Metasploit is a very effective attack platform, with many modules being added to the system at a very quick rate. Leveraging the power of Metasploit with scanning tools such as Nmap, and vulnerability scanners such as Nessus, can complete the Trifecta of a well-prepared security tool suite.

In this chapter, we will cover the following topics: