I haven't got official experience, but will be taking GPEN 560 shortly. In preparation for that, I have installed metasploit, nessus, wireshark etc.... then I set up VMs and hacked away.
One stunt was to set up a debian web server and host a WP blog on it. then created a invisible malicious iframe and pointed it at a metasploit exploit. Then my victim VM surfed to the blog and got 0wned. :-P
it has been quite useful in helping me understand exploits. and penetrating systems. seems that the easiest way in is to get an employee to click on a link. Assuming that they secured their wifi and network....
