Security lab

{ Using nikto.pl } Section 0. Background Information What is Mutillidae? OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. What is Nikto? Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers   Pre-Requisite Lab Mutillidae: Lesson 1: How to Install Mutillidae in Fedora Note : Remote database access has been turned on to provide an additional vulnerability. BackTrack: Lesson 1: Installing BackTrack 5 Note : This is not absolutely necessary, but if you are a computer security student or professional, you should have a BackTrack VM. Lab Notes In this lab we will do the following: We will use nikto.pl to scan the Mutillidae

{ Persistent Covert Cross Site Scripting Injection with Metasploit #3 } Section 0. Background Information What is Mutillidae? OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. What is Metasploit? The Metasploit Framework is a open source penetration tool used for developing and executing exploit code against a remote target machine it, Metasploit frame work has the world's largest database of public, tested exploits. In simple words, Metasploit can be used to test the Vulnerability of computer systems in order to protect them and on the other hand it can also be used to break into remote systems.   What is the MS10-018 Exploit? Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer