Analysis of Shamoon Virus

brober15 at September 17,2015
A great introduction to what seems like a very powerful penetration testing tool. I appreciate the reminder that hacking is not like it is portrayed in popular media. Can't imagine spending an entire year to slowly compromise a system, but I applaud the patience. I wonder if security thresholds have been modified since that attack to recognize and react when someone is making a slow play for your network.

tshafi at September 25,2015
I've seen Eli before and actually subscribe to his channel. He does not do quick 5 minute how-to videos, there is always a lot of thought that goes into his videos and he goes into depth in his explanations. I left the video wanting to learn more and watch more on this particular subject, which I plan to do. He covered vocabulary. Exploit, payload, shell code, and module were terms I had heard before. The cli console seems pretty self-explanatory. MSF console and Armitage GUI seem like tools that would be intuitive to use. He says that Metasploit is not merely an application that you run and that it is a framework. The concept of a “framework” is not immediately apparent to me. I am driven to try out Metasploit to see exactly what “framework” means. I assume it is more than a suite of modules, or the ability to use multiple systems in discovering and exploiting vulnerabilities. The meaning of “framework” is something I will need to research and investigate further. His talk of the “internal database” was very interesting. The database allows for searches and attacks into target networks to be from multiple systems and under administrative thresholds, thereby allowing them to go undetected. Stealth is very important. I like that Eli suggested a book. There are a lot of books about technology out there that are not helpful, so being pointed to a useful resource is always a plus.

klloyd6 at September 29,2015
I would enjoy hearing how this gentleman and Metasploit could be used for good purposes? I do not have much background in hacking or getting into an exploited system but I felt this video was pretty easy to follow. I liked the background information he gave on backdoors, payloads, and listeners because just like a lot of movies portray things, it isn’t always a quick process hacking information. I also was not aware that when there is an attack, security watchers don’t normally immediately respond to every attack. I am interested in learning more about Metasploit and what building your own tools is like.

aholcom2 at October 03,2015
I was overall pretty disappointed with this video. Whenever I watch videos explaining how to use an offensive security tool, I like the videos that show actual demos of the tool being used, while at the same time explaining how the tool works. This guy simply talks for 25 minutes and “tells” you how Metasploit works. I prefer watching someone using Metasploit while explaining what’s happening behind the scenes. There are many other videos out there that go into just as much detail while demonstrating how to use Metasploit. Also the guy talks a little slow.

zsesay at October 08,2015
This is interesting. I am scared to remove my anti-virus from my computer. I might have to use an old computer and wipe everything, reset it with factory setting, then install the free metaspoilt. There is no way in the world I can afford $5000 a year for Metaspoit just for practice bases when I don't even know whose computer or network to hack. I am just scared of the word hacking. Who would allow me to hack their system? Not sure if the school provides such practice