I'm getting started in the pen testing field of security and have been
playing with BackTrack (4 R2).
I'm working through 'Metasploit Unleashed' and have been watching
some videos here and there.
The one thing I'm trying to understand is how best to determine which
exploit to use based on the results from basic information gathering.
For example, I can use Nmap to determine hosts and services and do some basic
OS and application fingerprinting, and from there I guess
it's possible to kind of line up what exploits to try.
So if it's a Windows box I can 'use' exploit/windows/......
For the testing I'm doing I'm not able to use any type of auto_pwn feature.
The other thing I guess I can do is use a tool like Nessus or Nexpose to try
to get the 'MS' vulnerability numbers and look for exploits?
Are there any other tips that anyone can provide a n00bie with?