Mastering Metasploit, Fourth Edition
Discover the next level of network defense and penetration testing with the Metasploit 5.0 framework
- Make your network robust and resilient with this updated edition covering the latest pentesting techniques
- Explore a variety of entry points to compromise a system while remaining undetected
- Enhance your ethical hacking skills by performing penetration tests in highly secure environments
Updated for the latest version of Metasploit, this book will prepare you to face everyday cyberattacks by simulating real-world scenarios. Complete with step-by-step explanations of essential concepts and practical examples, Mastering Metasploit will help you gain insights into programming Metasploit modules and carrying out exploitation, as well as building and porting various kinds of exploits in Metasploit.
Giving you the ability to perform tests on different services, including databases, IoT, and mobile, this Metasploit book will help you get to grips with real-world, sophisticated scenarios where performing penetration tests is a challenge. You'll then learn a variety of methods and techniques to evade security controls deployed at a target's endpoint. As you advance, you'll script automated attacks using CORTANA and Armitage to aid penetration testing by developing virtual bots and discover how you can add custom functionalities in Armitage. Following real-world case studies, this book will take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit 5.0 framework.
By the end of the book, you'll have developed the skills you need to work confidently with efficient exploitation techniques
What you will learn
- Develop advanced and sophisticated auxiliary, exploitation, and post-exploitation modules
- Learn to script automated attacks using CORTANA
- Test services such as databases, SCADA, VoIP, and mobile devices
- Attack the client side with highly advanced pentesting techniques
- Bypass modern protection mechanisms, such as antivirus, IDS, and firewalls
- Import public exploits to the Metasploit Framework
- Leverage C and Python programming to effectively evade endpoint protection
Who this book is for
If you are a professional penetration tester, security engineer, or law enforcement analyst with basic knowledge of Metasploit, this book will help you to master the Metasploit framework and guide you in developing your exploit and module development skills. Researchers looking to add their custom functionalities to Metasploit will find this book useful. As Mastering Metasploit covers Ruby programming and attack scripting using Cortana, practical knowledge of Ruby and Cortana is required.
Nipun Jaswal is an international cybersecurity author and an award-winning IT security researcher with more than a decade of experience in penetration testing, Red Team assessments, vulnerability research, RF, and wireless hacking. He is presently the Director of Cybersecurity Practices at BDO India. Nipun has trained and worked with multiple law enforcement agencies on vulnerability research and exploit development. He has also authored numerous articles and exploits that can be found on popular security databases, such as PacketStorm and exploit-db.
- Approaching a Penetration Test Using Metasploit
- Reinventing Metasploit
- The Exploit Formulation Process
- Porting Exploits
- Testing Services with Metasploit
- Virtual Test Grounds and Staging
- Client-Side Exploitation
- Metasploit Extended
- Evasion with Metasploit
- Metasploit for Secret Agents
- Visualizing Metasploit
- Tips and Tricks