OK. I admit it. I use metasploit at work. Of course, I have permission to use it as a penetration testing tool, but I find it to be very useful in other circumstances as well. I often use the PSEXEC "exploit" to provide username and password to fully patched machines for administrative purposes. For example, it has come in handy when the standard remote access tools have been removed and there is a remote machine that the support center is unable to access. They, rightly so, have figured out that if the security team can get in to their machines without usernames and passwords, it should be pretty easy for them to help recover a managed machine with known usernames and passwords. One option to troubleshoot the broken admin software is to remotely (and temporarily) install VNC on the stranded host. I use to connect to the remote c$ with administrator credentials, copy up vnc, import the required registry keys, start the server, fix the problem, clean up the regis
This is a collection of Articles, Tools, Conference talks, interviews, etc by Mark Baggett