Learning Metasploit Exploitation and Development
|Also available on:|
- Step-by-step instructions to learn exploit development with Metasploit, along with crucial aspects of client-side exploitation to secure against unauthorized access and defend vulnerabilities
- This book contains the latest exploits tested on new operating systems and also covers the concept of hacking recent network topologies
- This tutorial encourages you to really think out of the box and test your ability to beat the vulnerabilities when the chances appear slim
Book DetailsLanguage : English
Paperback : 294 pages [ 235mm x 191mm ]
Release Date : July 2013
ISBN : 1782163581
ISBN 13 : 9781782163589
Author(s) : Aditya Balapure
Topics and Technologies : All Books, Networking and Servers, Security and Testing, Open Source
Table of ContentsPreface
Chapter 1: Lab Setup
Chapter 2: Metasploit Framework Organization
Chapter 3: Exploitation Basics
Chapter 4: Meterpreter Basics
Chapter 5: Vulnerability Scanning and Information Gathering
Chapter 6: Client-side Exploitation
Chapter 7: Post Exploitation
Chapter 8: Post Exploitation – Privilege Escalation
Chapter 9: Post Exploitation – Cleaning Up Traces
Chapter 10: Post Exploitation – Backdoors
Chapter 11: Post Exploitation – Pivoting and Network Sniffing
Chapter 12: Exploit Research with Metasploit
Chapter 13: Using Social Engineering Toolkit and Armitage
- Chapter 1: Lab Setup
- Installing Oracle VM VirtualBox
- Installing WindowsXP on Oracle VM VirtualBox
- Installing BackTrack5 R2 on Oracle VM Virtual Box
- Chapter 2: Metasploit Framework Organization
- Metasploit interfaces and basics
- Exploit modules
- Auxiliary modules
- Payloads – in-depth
- Chapter 3: Exploitation Basics
- Basic terms of exploitation
- How does exploitation work?
- A typical process for compromising a system
- Finding exploits from online databases
- Chapter 4: Meterpreter Basics
- Working of the Meterpreter
- Meterpreter in action
- Chapter 5: Vulnerability Scanning and Information Gathering
- Information Gathering through Metasploit
- Active Information Gathering
- Working with Nmap
- Nmap discovery options
- Nmap advanced scanning options
- Port scanning options
- Working with Nessus
- Report importing in Metasploit
- Chapter 6: Client-side Exploitation
- What are client-side attacks?
- Browser exploits
- Internet Explorer shortcut icon exploit
- Internet Explorer malicious VBScript code execution exploit
- Chapter 7: Post Exploitation
- What is post exploitation?
- Phases of post exploitation
- Chapter 8: Post Exploitation – Privilege Escalation
- Understanding Privilege Escalation
- Exploiting the victim's system
- Privilege escalation by post exploitation
- Chapter 9: Post Exploitation – Cleaning Up Traces
- Disabling firewalls and other network defenses
- Disabling firewalls through VBScript
- Antivirus killing and log deletion
- Chapter 10: Post Exploitation – Backdoors
- What is a backdoor?
- Payload tools
- Creating an EXE backdoor
- Creating a fully undetectable backdoor
- Metasploit persistent backdoor
- Chapter 11: Post Exploitation – Pivoting and Network Sniffing
- What is pivoting?
- Pivoting in a network
- Sniffing in a network
- Espia Extension
- Chapter 12: Exploit Research with Metasploit
- Exploit writing tips and tricks
- Important points
- Format for an exploit
- Exploit mixins
- The Auxiliary::Report mixin
- Widely used exploit mixins
- Editing an exploit module
- Working with payloads
- Writing exploits
- Scripting with Metasploit
- Chapter 13: Using Social Engineering Toolkit and Armitage
- Understanding the Social Engineering Toolkit
- Attack options
- Working with Hail Mary
- Meterpreter—access option
Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.
What you will learn from this book
- Learn the basics of exploitation
- Gather information for a victim
- Get to grips with vulnerability assessment with the best tools using Metasploit
- Exploit research with Metasploit
- Discover the latest exploits for the new operating systems
- Find out about the post exploitation tricks such as backdoors, sniffing, and cleaning traces
- Exploit development using Metasploit
- Learn about the client side exploitation tricks
Metasploit is an open source exploit framework that provides you with heaps of exploits, as well as tools to assist you in creating your own exploits. This includes the ability to generate a large range of shellcodes for different purposes and platforms that can be customized to attack your target. The recent improvements in network security mechanisms have given rise to new trends and techniques of compromising a network. This book deals with these recent trends and attack tips to compromise the weakest to the strongest of networks. Metasploit Exploitation and Development describes actual penetration testing skills and ways to penetrate and assess different types of networks.
Metasploit Exploitation and Development is a perfect fit for hackers who want to develop some real exploitation skills. This book has been designed with a practical approach which emphasizes hands-on rather than theoretical reading. It covers all the new exploits for new operating systems and tips from the experience of real hackers. This is a best buy book for learning the art of exploitation and skills of a penetration tester.
Metasploit Exploitation and Development is a guide to real network hacking with the best tricks to master the art of exploitation.
This book has been designed in well-defined stages so the reader learns more effectively. From the actual setup to vulnerability assessment, this book provides an individual with in-depth knowledge of an expert penetration tester. The book deals with vulnerability assessment exercises with some of the industrially-used tools and report-making tips. It covers topics such as client exploitation, backdoors, post exploitation, and also exploitation development with Metasploit.
This book has been developed with a practical hands-on approach so that readers can effectively try and test what they actually read.
Metasploit Exploitation and Development covers the experience of real network hacking with some of the latest operating systems. The readers will go through a journey in which they will learn from basic to advanced levels of the art of exploitation.
This book covers real hacking and exploitation of the current vulnerabilities in some of the latest operating systems.
A practical, hands-on tutorial with step-by-step instructions. The book will follow a smooth and easy-to-follow tutorial approach, covering the essentials and then showing the readers how to write more sophisticated exploits.
Who this book is for
This book targets exploit developers, vulnerability analysts and researchers, network administrators, and ethical hackers looking to gain advanced knowledge in exploitation development and identifying vulnerabilities. The primary goal is to take readers wishing to get into more advanced exploitation discovery and reaching the next level.
Prior experience exploiting basic stack overflows on both Windows and Linux is assumed. Some knowledge of Windows and Linux architecture is expected.