Mastering Metasploit

  • Develop real-world approaches to penetration testing using Metasploit
  • Develop advanced skills to carry out effective risk validation
  • Develop the skills to build any kind of custom functionality within the framework

Book Details

Language : English
Paperback : 378 pages [ 235mm x 191mm ]
Release Date : May 2014
ISBN : 1782162224
ISBN 13 : 9781782162223
Author(s) : Nipun Jaswal
Topics and Technologies : All Books, Networking and Servers, Open Source

Table of Contents

  • Chapter 1: Approaching a Penetration Test Using Metasploit
    • Setting up the environment
      • Preinteractions
      • Intelligence gathering / reconnaissance phase
        • Presensing the test grounds
      • Modeling threats
      • Vulnerability analysis
      • Exploitation and post-exploitation
      • Reporting
    • Mounting the environment
      • Setting up the penetration test lab
      • The fundamentals of Metasploit
      • Configuring Metasploit on different environments
        • Configuring Metasploit on Windows XP/7
        • Configuring Metasploit on Ubuntu
      • Dealing with error states
        • Errors in the Windows-based installation
        • Errors in the Linux-based installation
    • Conducting a penetration test with Metasploit
      • Recalling the basics of Metasploit
      • Penetration testing Windows XP
        • Assumptions
        • Gathering intelligence
        • Modeling threats
        • Vulnerability analysis
        • The attack procedure with respect to the NETAPI vulnerability
        • The concept of attack
        • The procedure of exploiting a vulnerability
        • Exploitation and post-exploitation
        • Maintaining access
        • Clearing tracks
      • Penetration testing Windows Server 2003
      • Penetration testing Windows 7
        • Gathering intelligence
        • Modeling threats
        • Vulnerability analysis
        • The exploitation procedure
        • Exploitation and post-exploitation
      • Using the database to store and fetch results
        • Generating reports
    • The dominance of Metasploit
      • Open source
      • Support for testing large networks and easy naming conventions
      • Smart payload generation and switching mechanism
      • Cleaner exits
      • The GUI environment
    • Summary
  • Chapter 2: Reinventing Metasploit
    • Ruby – the heart of Metasploit
      • Creating your first Ruby program
        • Interacting with the Ruby shell
        • Defining methods in the shell
      • Variables and data types in Ruby
        • Working with strings
        • The split function
        • The squeeze function
        • Numbers and conversions in Ruby
        • Ranges in Ruby
        • Arrays in Ruby
      • Methods in Ruby
      • Decision-making operators
      • Loops in Ruby
      • Regular expressions
      • Wrapping up with Ruby basics
    • Developing custom modules
      • Building a module in a nutshell
        • The architecture of the Metasploit framework
        • Understanding the libraries' layout
      • Understanding the existing modules
      • Writing out a custom FTP scanner module
      • Writing out a custom HTTP server scanner
      • Writing out post-exploitation modules
    • Breakthrough meterpreter scripting
      • The essentials of meterpreter scripting
      • Pivoting the target network
      • Setting up persistent access
      • API calls and mixins
      • Fabricating custom meterpreter scripts
    • Working with RailGun
      • Interactive Ruby shell basics
      • Understanding RailGun and its scripting
      • Manipulating Windows API calls
      • Fabricating sophisticated RailGun scripts
    • Summary
  • Chapter 3: The Exploit Formulation Process
    • The elemental assembly primer
      • The basics
      • Architectures
        • System organization basics
      • Registers
      • Gravity of EIP
      • Gravity of ESP
      • Relevance of NOPs and JMP
      • Variables and declaration
      • Fabricating example assembly programs
    • The joy of fuzzing
      • Crashing the application
      • Variable input supplies
      • Generating junk
      • An introduction to Immunity Debugger
      • An introduction to GDB
    • Building up the exploit base
      • Calculating the buffer size
      • Calculating the JMP address
      • Examining the EIP
        • The script
      • Stuffing applications for fun and profit
      • Examining ESP
      • Stuffing the space
    • Finalizing the exploit
      • Determining bad characters
      • Determining space limitations
      • Fabricating under Metasploit
      • Automation functions in Metasploit
    • The fundamentals of a structured exception handler
      • Controlling SEH
      • Bypassing SEH
      • SEH-based exploits
    • Summary
  • Chapter 4: Porting Exploits
    • Porting a Perl-based exploit
      • Dismantling the existing exploit
        • Understanding the logic of exploitation
        • Gathering the essentials
      • Generating a skeleton for the exploit
      • Generating a skeleton using Immunity Debugger
      • Stuffing the values
      • Precluding the ShellCode
      • Experimenting with the exploit
    • Porting a Python-based exploit
      • Dismantling the existing exploit
      • Gathering the essentials
      • Generating a skeleton
      • Stuffing the values
      • Experimenting with the exploit
    • Porting a web-based exploit
      • Dismantling the existing exploit
      • Gathering the essentials
      • Grasping the important web functions
      • The essentials of the GET/POST method
      • Fabricating an auxiliary-based exploit
        • Working and explanation
      • Experimenting with the auxiliary exploit
    • Summary
  • Chapter 5: Offstage Access to Testing Services
    • The fundamentals of SCADA
      • The fundamentals of ICS and its components
      • The seriousness of ICS-SCADA
    • SCADA torn apart
      • The fundamentals of testing SCADA
      • SCADA-based exploits
    • Securing SCADA
      • Implementing secure SCADA
      • Restricting networks
    • Database exploitation
      • SQL server
      • FootPrinting SQL server with Nmap
      • Scanning with Metasploit modules
      • Brute forcing passwords
      • Locating/capturing server passwords
      • Browsing SQL server
      • Post-exploiting/executing system commands
        • Reloading the xp_cmdshell functionality
        • Running SQL-based queries
    • VOIP exploitation
      • VOIP fundamentals
        • An introduction to PBX
        • Types of VOIP services
        • Self-hosted network
        • Hosted services
        • SIP service providers
      • FootPrinting VOIP services
      • Scanning VOIP services
      • Spoofing a VOIP call
      • Exploiting VOIP
        • About the vulnerability
        • Exploiting the application
    • Post-exploitation on Apple iDevices
      • Exploiting iOS with Metasploit
    • Summary
  • Chapter 6: Virtual Test Grounds and Staging
    • Performing a white box penetration test
      • Interaction with the employees and end users
      • Gathering intelligence
        • Explaining the fundamentals of the OpenVAS vulnerability scanner
        • Setting up OpenVAS
        • Greenbone interfaces for OpenVAS
      • Modeling the threat areas
      • Targeting suspected vulnerability prone systems
      • Gaining access
      • Covering tracks
      • Introducing MagicTree
      • Other reporting services
    • Generating manual reports
      • The format of the report
        • The executive summary
        • Methodology / network admin level report
        • Additional sections
    • Performing a black box penetration test
      • FootPrinting
        • Using Dmitry for FootPrinting
      • Conducting a black box test with Metasploit
        • Pivoting to the target
        • Scanning the hidden target using proxychains and db_nmap
        • Conducting vulnerability scanning using Nessus
        • Exploiting the hidden target
        • Elevating privileges
    • Summary
  • Chapter 7: Sophisticated Client-side Attacks
    • Exploiting browsers
      • The workings of the browser autopwn attack
        • The technology behind the attack
        • Attacking browsers with Metasploit browser autopwn
    • File format-based exploitation
      • PDF-based exploits
      • Word-based exploits
      • Media-based exploits
    • Compromising XAMPP servers
      • The PHP meterpreter
      • Escalating to system-level privileges
    • Compromising the clients of a website
      • Injecting malicious web scripts
      • Hacking the users of a website
    • Bypassing AV detections
      • msfencode
      • msfvenom
      • Cautions while using encoders
    • Conjunction with DNS spoofing
      • Tricking victims with DNS hijacking
    • Attacking Linux with malicious packages
    • Summary
  • Chapter 8: The Social Engineering Toolkit
    • Explaining the fundamentals of the social engineering toolkit
      • The attack types
    • Attacking with SET
      • Creating a Payload and Listener
      • Infectious Media Generator
      • Website Attack Vectors
        • The Java applet attack
        • The tabnabbing attack
        • The web jacking attack
      • Third-party attacks with SET
    • Providing additional features and further readings
      • The SET web interface
      • Automating SET attacks
    • Summary
  • Chapter 9: Speeding Up Penetration Testing
    • Introducing automated tools
    • Fast Track MS SQL attack vectors
      • A brief about Fast Track
        • Carrying out the MS SQL brute force attack
      • The deprecation of Fast Track
      • Renewed Fast Track in SET
    • Automated exploitation in Metasploit
      • Re-enabling db_autopwn
      • Scanning the target
      • Attacking the database
    • Fake updates with the DNS-spoofing attack
      • Introducing WebSploit
      • Fixing up WebSploit
        • Fixing path issues
        • Fixing payload generation
        • Fixing the file copy issue
      • Attacking a LAN with WebSploit
    • Summary
  • Chapter 10: Visualizing with Armitage
    • The fundamentals of Armitage
      • Getting started
      • Touring the user interface
      • Managing the workspace
    • Scanning networks and host management
      • Modeling out vulnerabilities
      • Finding the match
    • Exploitation with Armitage
    • Post-exploitation with Armitage
    • Attacking on the client side with Armitage
    • Scripting Armitage
      • The fundamentals of Cortana
      • Controlling Metasploit
      • Post-exploitation with Cortana
      • Building a custom menu in Cortana
      • Working with interfaces
    • Summary
    • Further reading

Nipun Jaswal

Nipun Jaswal is an independent information security specialist with a keen interest in penetration testing, vulnerability assessment, wireless penetration testing, forensics, and web application penetration testing. He holds an MTech in Computer Science from Lovely Professional University, India, and is certified C|EH and OSWP. While at the university, he was the student ambassador of EC-Council and worked with many security organizations alongside his studies. He has a proven track record in IT security training and has trained over 10,000 students and over 2,000 professionals in India and Africa. He is a professional speaker and has spoken at various national and international IT security conferences. His articles have been published in security magazines such as Hakin9 and eForensics. He is also the developer of a web application penetration testing course for InSecTechs Pvt. Ltd., Hyderabad, India, which is a distance-learning package on testing web applications. He has been acknowledged for finding vulnerabilities in Rapid7, BlackBerry, Facebook, PayPal, Adobe, Kaneva, Barracuda Labs, Zynga, Offensive Security, Apple, Microsoft, AT&T, Nokia, Red Hat Linux, and CERT-IN, and was on the AT&T top 10 security researchers list for Q2 2013. Feel free to mail him via or visit his site for more information.


What you will learn from this book

  • To perform effective penetration testing with Metasploit
  • To develop advanced and sophisticated auxiliary modules
  • To fuzz applications and create exploits in Metasploit
  • To port sophisticated exploits from Perl and Python
  • To automate web application attack scripts
  • To test services such as databases, VoIP, and SCADA systems
  • To reinvent traditional browser-based exploits
  • To speed up penetration testing with Metasploit's automated mode
  • To attack clients with the Social Engineering Toolkit
  • To implement attacks on web servers and systems with the Armitage GUI
  • To script attacks in Armitage using Cortana scripting

In Detail

The Metasploit Framework has been around for a number of years and is one of the most widely used tools for carrying out penetration tests against a wide range of services.

This book is a hands-on guide to penetration testing with Metasploit and covers module and exploit development for the framework end to end. It explains how exploits and modules are created and shows how to write custom functionality into the Metasploit Framework.

The book covers a number of techniques and methodologies that will help you learn and master the Metasploit Framework.

You will also explore approaches to carrying out advanced penetration tests in hardened environments, and the book's hands-on approach will help you understand what you need to know about Metasploit.

A comprehensive and detailed step-by-step tutorial guide that takes you through the important aspects of the Metasploit Framework.

Who this book is for

If you are a penetration tester, security engineer, or someone looking to extend your penetration testing skills with Metasploit, then this book is ideal for you. Readers of this book must have a basic knowledge of using Metasploit. They are also expected to have knowledge of exploitation and an in-depth understanding of object-oriented programming languages.
