Mastering Metasploit : Take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit, 3/e (Paperback)

Nipun Jaswal

商品描述

Discover the next level of network defense with the Metasploit framework

Key Features

  • Gain the skills to carry out penetration testing in complex and highly-secured environments
  • Become a master using the Metasploit framework, develop exploits, and generate modules for a variety of real-world scenarios
  • Get this completely updated edition with new useful methods and techniques to make your network robust and resilient

Book Description

We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You'll get to know about the basics of programming Metasploit modules as a refresher and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit.

In the next section, you'll develop the ability to perform testing on various services such as databases, Cloud environment, IoT, mobile, tablets, and similar more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework.

By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.

What you will learn

  • Develop advanced and sophisticated auxiliary modules
  • Port exploits from PERL, Python, and many more programming languages
  • Test services such as databases, SCADA, and many more
  • Attack the client side with highly advanced techniques
  • Test mobile and tablet devices with Metasploit
  • Bypass modern protections such as an AntiVirus and IDS with Metasploit
  • Simulate attacks on web servers and systems with Armitage GUI
  • Script attacks in Armitage using CORTANA scripting

Who This Book Is For

This book is a hands-on guide to penetration testing using Metasploit and covers its complete development. It shows a number of techniques and methodologies that will help you master the Metasploit framework and explore approaches to carrying out advanced penetration testing in highly secured environments.

Table of Contents

  1. Approaching a Penetration Test Using Metasploit
  2. Reinventing Metasploit
  3. The Exploit Formulation Process
  4. Porting Exploits
  5. Offstage Access to Testing Services
  6. Virtual Test Grounds and Staging
  7. Sophisticated Client-side Attacks
  8. Metasploit Extended and Speeding Up Penetration Testing
  9. Antivirus Evasion with Metasploit
  10. Metasploit and Offense / Metasploit for Secret agents
  11. Visualizing with Armitage
  12. Tips and Tricks

商品描述(中文翻譯)

發現使用Metasploit框架的下一個網絡防禦層級

主要特點


  • 獲得在複雜和高度安全的環境中進行滲透測試的技能

  • 成為使用Metasploit框架的大師,開發漏洞利用並生成各種真實場景的模塊

  • 獲得這本全新更新的版本,其中包含了新的有用方法和技巧,使您的網絡更加強大和有彈性

書籍描述

我們首先提醒您有關Metasploit的基本功能及其在最傳統方式中的使用。您將了解有關編程Metasploit模塊的基礎知識,然後深入研究在Metasploit中進行各種類型的漏洞利用和構建和移植漏洞利用。

在下一部分中,您將開發能力,能夠對各種服務進行測試,例如數據庫、雲環境、物聯網、移動設備、平板電腦等等。在這次培訓之後,我們將進入真實世界的複雜場景,其中進行滲透測試是一個挑戰。通過真實案例研究,我們將帶您進入使用Metasploit和基於Metasploit框架構建的各種腳本進行客戶端攻擊的旅程。

通過本書的學習,您將專門培訓使用Metasploit的節省時間的技巧。

您將學到什麼


  • 開發高級和複雜的輔助模塊

  • 從PERL、Python和其他多種編程語言移植漏洞利用

  • 測試數據庫、SCADA等服務

  • 使用高級技術對客戶端進行攻擊

  • 使用Metasploit測試移動設備和平板電腦

  • 使用Metasploit繞過現代保護措施,如防病毒軟件和入侵檢測系統

  • 使用Armitage GUI模擬對Web服務器和系統的攻擊

  • 使用CORTANA腳本在Armitage中進行攻擊

本書適合對象

本書是使用Metasploit進行滲透測試的實踐指南,涵蓋了其完整的開發過程。它展示了一些技術和方法,將幫助您掌握Metasploit框架,並探索在高度安全的環境中進行高級滲透測試的方法。

目錄


  1. 使用Metasploit進行滲透測試的方法

  2. 重新創造Metasploit

  3. 漏洞利用的制定過程

  4. 移植漏洞利用

  5. 測試服務的離場訪問

  6. 虛擬測試場地和分期

  7. 複雜的客戶端攻擊

  8. Metasploit擴展和加速滲透測試

  9. 使用Metasploit進行防病毒躲避

  10. Metasploit和攻擊/ Metasploit用於特工

  11. 使用Armitage進行可視化

  12. 技巧和技巧