Metasploit Penetration Testing Cookbook, 2/e (Paperback)

Monika Agarwal, Abhinav Singh

買這商品的人也買了...

商品描述

Over 80 recipes to master the most widely used penetration testing framework

Overview

  • Special focus on the latest operating systems, exploits, and penetration testing techniques for wireless, VOIP, and cloud
  • This book covers a detailed analysis of third party tools based on the Metasploit framework to enhance the penetration testing experience
  • Detailed penetration testing techniques for different specializations like wireless networks, VOIP systems with a brief introduction to penetration testing in the cloud

In Detail

Metasploit software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments. Capabilities include smart exploitation, password auditing, web application scanning, and social engineering. Teams can collaborate in Metasploit and present their findings in consolidated reports. The goal of the software is to provide a clear understanding of the critical vulnerabilities in any environment and to manage those risks.

Metasploit Penetration Testing Cookbook, Second Edition contains chapters that are logically arranged with an increasing level of complexity and thoroughly covers some aspects of Metasploit, ranging from pre-exploitation to the post-exploitation phase. This book is an update from version 4.0 to version 4.5. It covers the detailed penetration testing techniques for different specializations like wireless networks, VOIP systems, and the cloud.

Metasploit Penetration Testing Cookbook, Second Edition covers a number of topics which were not part of the first edition. You will learn how to penetrate an operating system (Windows 8 penetration testing) to the penetration of a wireless network, VoIP network, and then to cloud.

The book starts with the basics, such as gathering information about your target, and then develops to cover advanced topics like building your own framework scripts and modules. The book goes deep into operating-systems-based penetration testing techniques and moves ahead with client-based exploitation methodologies. In the post-exploitation phase, it covers meterpreter, antivirus bypass, ruby wonders, exploit building, porting exploits to the framework, and penetration testing, while dealing with VOIP, wireless networks, and cloud computing.

This book will help readers to think from a hacker's perspective to dig out the flaws in target networks and also to leverage the powers of Metasploit to compromise them. It will take your penetration skills to the next level.

What you will learn from this book

  • Set up a complete penetration testing environment using Metasploit and virtual machines
  • Discover how to penetration test popular operating systems such as Windows 8
  • Get familiar with penetration testing based on client side exploitation techniques with detailed analysis of vulnerabilities and codes
  • Build and analyze meterpreter scripts in Ruby
  • Learn penetration testing in VOIP, WLAN, and the cloud from start to finish including information gathering, vulnerability assessment, exploitation, and privilege escalation
  • Make the most of the exclusive coverage of antivirus bypassing techniques using Metasploit
  • Work with BBQSQL to analyze the stored results of the database

Approach

This book follows a Cookbook style with recipes explaining the steps for penetration testing with WLAN, VOIP, and even cloud computing. There is plenty of code and commands used to make your learning curve easy and quick.

商品描述(中文翻譯)

超過80個食譜,讓您精通最廣泛使用的滲透測試框架

概述

- 專注於最新的操作系統、漏洞和無線網絡、VOIP和雲端的滲透測試技術
- 本書詳細分析了基於Metasploit框架的第三方工具,以增強滲透測試體驗
- 提供了針對不同專業領域的詳細滲透測試技術,如無線網絡、VOIP系統,並簡要介紹了雲端中的滲透測試

詳細內容

Metasploit軟體幫助安全和IT專業人員識別安全問題,驗證漏洞緩解措施,並管理專家驅動的安全評估。其功能包括智能利用、密碼審計、網絡應用程式掃描和社交工程。團隊可以在Metasploit中協作,並以整合報告的形式呈現他們的發現。該軟體的目標是提供對任何環境中的關鍵漏洞的清晰理解,並管理這些風險。

《Metasploit滲透測試食譜,第二版》的章節按照遞增的複雜性進行邏輯排列,從前期測試到後期測試階段全面涵蓋了Metasploit的一些方面。本書從4.0版本升級到4.5版本。它詳細介紹了不同專業領域的滲透測試技術,如無線網絡、VOIP系統和雲端。

《Metasploit滲透測試食譜,第二版》涵蓋了第一版中沒有的一些主題。您將學習如何滲透操作系統(Windows 8滲透測試),從滲透無線網絡、VOIP網絡,再到雲端。

本書從基礎知識開始,如收集有關目標的信息,然後進一步涵蓋高級主題,如構建自己的框架腳本和模塊。本書深入介紹了基於操作系統的滲透測試技術,並介紹了基於客戶端的利用方法。在後期測試階段,它涵蓋了meterpreter、繞過防病毒軟體、Ruby奇蹟、漏洞利用構建、將漏洞利用移植到框架以及處理VOIP、無線網絡和雲端計算。

本書將幫助讀者從駭客的角度思考,挖掘目標網絡中的漏洞,並利用Metasploit來入侵它們。它將使您的滲透技能提升到更高的水平。

本書將教您:

- 使用Metasploit和虛擬機器建立完整的滲透測試環境
- 了解如何對流行的操作系統(如Windows 8)進行滲透測試
- 熟悉基於客戶端利用技術的滲透測試,並詳細分析漏洞和代碼
- 在Ruby中構建和分析meterpreter腳本
- 從頭到尾學習VOIP、無線網絡和雲端的滲透測試,包括信息收集、漏洞評估、利用和特權升級
- 充分利用使用Metasploit繞過防病毒技術的獨家內容
- 使用BBQSQL分析數據庫的存儲結果

這本書以食譜的形式呈現,解釋了使用無線網絡、VOIP甚至雲端計算進行滲透測試的步驟。書中有大量的代碼和命令,使您的學習曲線變得輕鬆快速。