mailing list archives
Metasploit on Windows
From: ken at klmsystems.com (ken)
Date: Thu, 18 Jan 2007 08:13:28 -0700
Wow, what a thread. Here's my .02:
I have been demonstrating metasploit now for nearly 2 years to students who
are learning how to conduct pen-tests. I will use either *nix or Windows,
but the vast majority (somewhere close to 90%) must only use windows for
their tests because of a company mandate or other policy. When I am
conducting an independent pen test, and use both open source and commercial
products, it's only at that time that companies don't care what platform I
use, because they want the test to simulate what the hacker might be doing.
Now, to those who say that Windows users are script kiddies, where does that
come from? Is it that so many script kiddies do use windows? That's like
saying all non-windows users are hackers and should be jailed. Is that
where this discussion is leading? I've worked with governments and
companies of many countries, and many of the fortune 100 here in the US, as
well as the DOD, US Armed Forces, Cent Comm, State Department, and on goes
the list. I've met 1000's of very skilled security specialists, those who
are far from script kiddies, and they are windows users. If you abandon
support for windows, then I'd worry that the framework would become a thing
of the past, and that the gap would be filled by someone else further down
Please, those of you who take *nix vs. Windows as a religious ideology,
let's be more broad-minded and realize that there's a whole world out there
who can use this tool. Let's not become elitists.
PS: I love demonstrating metasploit - I demo this in our classes, online
seminars, and it's featured in my video training which is used in over 200
training centers around the world. Abandoning windows support would cause
this audience to abandon metasploit. I don't want to see this happen.
-------------- next part --------------
An HTML attachment was scrubbed...
Metasploit on Windows ken (Jan 18)
metasploit on windows ken (Jan 18)