1 00:00:01,130 --> 00:00:05,570 So there are numerous tools on the market to conduct a penetration test. 2 00:00:06,660 --> 00:00:13,230 However, achieving success in a test largely depends on the right set of tools and the techniques that 3 00:00:13,230 --> 00:00:13,860 are used. 4 00:00:15,620 --> 00:00:22,280 In order to complete a test, you've got to choose the right set of tools and apply the best methodologies. 5 00:00:23,790 --> 00:00:30,840 Sure, it would be a whole lot easier and a whole lot of time savings if just one single tool could 6 00:00:30,840 --> 00:00:34,230 help you perform all the required tasks for penetration testing. 7 00:00:35,800 --> 00:00:43,240 That's why when I think of of, well, the best tools for penetration testing Métis Boite framework 8 00:00:43,240 --> 00:00:44,940 is the one that first comes to mind. 9 00:00:46,350 --> 00:00:52,350 In the security marketplace, it's considered to be the most effective tool to conduct a penetration 10 00:00:52,350 --> 00:00:53,100 test today. 11 00:00:54,590 --> 00:01:00,290 It can literally perform all tasks that are involved in a penetration testing lifecycle. 12 00:01:01,630 --> 00:01:07,720 That's important to understand the capabilities of Métis Point so that it can be leveraged perfectly 13 00:01:07,990 --> 00:01:09,400 during each test. 14 00:01:11,040 --> 00:01:15,410 With the use of Métis sport, you really don't need to reinvent the wheel. 15 00:01:17,240 --> 00:01:21,800 It offers a wide variety of exploits, information gathering modules. 16 00:01:22,620 --> 00:01:25,230 With a few web testing capabilities to. 17 00:01:27,080 --> 00:01:34,610 So metastable allows you to easily build attack vectors to augment its exploits, payloads, encoders 18 00:01:35,060 --> 00:01:39,950 and Wedmore in order to create and execute more advanced attacks. 19 00:01:41,680 --> 00:01:48,670 So besides manually or automatically accomplishing these test, Métis Boyte is not just an application, 20 00:01:49,040 --> 00:01:55,900 like I said before, it's an entire framework that has an extensive exploit development environment. 21 00:01:57,920 --> 00:02:04,760 And what that means is it allows you to customize and extend the framework for whatever your requirements 22 00:02:04,760 --> 00:02:05,330 may be. 23 00:02:06,840 --> 00:02:11,430 So no doubt you've seen that it's a very powerful tool for penetration testing. 24 00:02:12,850 --> 00:02:18,520 However, I want to warn you, it's not a magic tool that can help you hack into any target system. 25 00:02:20,120 --> 00:02:25,880 One of the goals of this course is to get you comfortable with a framework, show you some advanced 26 00:02:25,880 --> 00:02:31,910 attacks and ensure that you can apply these techniques responsibly. 27 00:02:33,140 --> 00:02:33,570 Right. 28 00:02:33,830 --> 00:02:39,470 So in the next few hours, you will be talking about the Métis Point framework. 29 00:02:41,990 --> 00:02:47,300 Now, before we jump into the hacking, you should know why I prefer Métis Boyd, among all the other 30 00:02:47,300 --> 00:02:48,080 tools out there. 31 00:02:50,300 --> 00:02:58,280 Thankfully, first up, it's an open source project, so, yeah, this is pretty much my main reason 32 00:02:58,280 --> 00:02:59,720 why I go with Matus Point. 33 00:03:01,260 --> 00:03:03,510 It's also actively developed. 34 00:03:04,700 --> 00:03:08,900 That exploit allows you to reach the source code and customize the modules. 35 00:03:10,340 --> 00:03:16,220 And yeah, it has a chargeable version, but I will give details about all the different versions in 36 00:03:16,220 --> 00:03:16,910 the next section. 37 00:03:18,640 --> 00:03:20,920 I also think it's easy to use Métis boy. 38 00:03:22,110 --> 00:03:25,800 It has reasonable naming conventions and command. 39 00:03:26,870 --> 00:03:33,230 And it's great for testing large networks because you don't get confused and you don't have to dread 40 00:03:33,230 --> 00:03:35,210 a whole lot of extra busywork. 41 00:03:36,370 --> 00:03:41,290 Because Métis Boyd offers to test the entire range automatically. 42 00:03:43,150 --> 00:03:49,750 It uses parameters such as subnet and classless inter domain routing CEYDA values. 43 00:03:51,400 --> 00:03:55,780 So therefore, Métis Boit saves a large amount of time and energy. 44 00:03:57,140 --> 00:04:01,880 Now, Métis Boyd has a variety of payloads, and you can easily switch between them. 45 00:04:03,310 --> 00:04:07,330 For automated exploits, you can create and set payloads quickly. 46 00:04:08,980 --> 00:04:17,140 Moreover, generating shall code to use and manual exploits also becomes easy by using the MSF venom 47 00:04:17,140 --> 00:04:18,780 from the command line. 48 00:04:20,930 --> 00:04:24,140 Métis Boit also offers cleaner exits. 49 00:04:25,370 --> 00:04:30,860 In other words, when you try to compromise a system by using a custom code, it exploit, you've got 50 00:04:30,860 --> 00:04:32,060 to be really careful. 51 00:04:33,220 --> 00:04:40,390 Because if the exploit does not have a right exit code that has the big potential to crash the system. 52 00:04:41,360 --> 00:04:44,500 And believe me, it's not a good practice at all. 53 00:04:46,510 --> 00:04:54,880 So if you don't want to face such situations and the wrath that it brings upon you, Metis Boyd is also 54 00:04:54,880 --> 00:04:59,260 responsible for making a much cleaner exit from the system that you want to get into. 55 00:05:01,200 --> 00:05:04,500 And luckily, the graphical user interface. 56 00:05:06,090 --> 00:05:12,810 Yeah, the commercial and the community version of Dennis Boite as DUI and you can perform most anything 57 00:05:12,810 --> 00:05:13,260 from their. 58 00:05:14,680 --> 00:05:20,350 So this brings up the question, what do you have for Métis Point framework? 59 00:05:21,250 --> 00:05:25,850 The answer is Armitage, which is a third party interface. 60 00:05:26,920 --> 00:05:30,540 Hopefully you're going to be learning these environments more in the later sections. 61 00:05:31,000 --> 00:05:31,990 So stick with me.