Mastering Metasploit - Third Edition - Couverture souple

Présentation de l'éditeur

Discover the next level of network defense with the Metasploit framework

Key Features

• Gain the skills to carry out penetration testing in complex and highly-secured environments
• Become a master using the Metasploit framework, develop exploits, and generate modules for a variety of real-world scenarios
• Get this completely updated edition with new useful methods and techniques to make your network robust and resilient

Book Description

We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You'll get to know about the basics of programming Metasploit modules as a refresher and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit.

In the next section, you'll develop the ability to perform testing on various services such as databases, Cloud environment, IoT, mobile, tablets, and similar more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework.

By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.

What you will learn

• Develop advanced and sophisticated auxiliary modules
• Port exploits from PERL, Python, and many more programming languages
• Test services such as databases, SCADA, and many more
• Attack the client side with highly advanced techniques
• Test mobile and tablet devices with Metasploit
• Bypass modern protections such as an AntiVirus and IDS with Metasploit
• Simulate attacks on web servers and systems with Armitage GUI
• Script attacks in Armitage using CORTANA scripting

Who This Book Is For

This book is a hands-on guide to penetration testing using Metasploit and covers its complete development. It shows a number of techniques and methodologies that will help you master the Metasploit framework and explore approaches to carrying out advanced penetration testing in highly secured environments.

Table of Contents

1. Approaching a Penetration Test Using Metasploit
2. Reinventing Metasploit
3. The Exploit Formulation Process
4. Porting Exploits
5. Offstage Access to Testing Services
6. Virtual Test Grounds and Staging
7. Sophisticated Client-side Attacks
8. Metasploit Extended and Speeding Up Penetration Testing
9. Antivirus Evasion with Metasploit
10. Metasploit and Offense / Metasploit for Secret agents
11. Visualizing with Armitage
12. Tips and Tricks

Biographie de l'auteur

Nipun Jaswal is an IT security business executive & a passionate IT security Researcher with more than 7 years of professional experience and possesses knowledge in all aspects of IT security testing and implementation with expertise in managing cross-cultural teams and planning the execution of security needs beyond national boundaries.

He is an M.tech in Computer Sciences and a thought leader who has contributed in raising the bar of understanding on cyber security and ethical hacking among students of many colleges and universities in India. He is a voracious public speaker, delivers speech on Improving IT Security, Insider Threat, Social Engineering, Wireless forensics, and Exploit writing. He is the author of numerous IT security articles with popular security magazines like Eforensics, Hakin9, and Security Kaizen etc. Many popular companies like Apple, Microsoft, AT&T, Offensive Security, Rapid7, Blackberry, Nokia, Zynga and many others have thanked him for finding vulnerabilities in their system. He has also been acknowledged with the Award of excellence from National cyber defense and research center (NCDRC) for his tremendous contributions to the IT security industry.

In his current profile, he leads team super specialists in cyber security to protect various clients from Cyber Security threats and network intrusion by providing necessary solutions and services.