Hands-On Web Penetration Testing with Metasploit

More Information
  • Setting up and Installing Metasploit
  • Using Metasploit for Web-Apps Reconnaissance
  • Pentesting Content Management Systems (CMS)
  • Performing Pentesting on Technological Platforms
  • Fuzzing using different tools
  • Writing Penetration Testing Reports

Metasploit Framework has always been a MUST for many years but in case of web application penetration testing, there are very few modules available publically. This book will aim to help you to learn another side of Metasploit Framework which is used rarely - Web Application. Metasploit not only covers the basics of web application penetration testing but when used with a Graphical User Interface (GUI) - Metasploit Web GUI, the experience is so much better especially when Web Application Pentesting modules are available within the framework itself.

You will learn about the existing scripts which can be used to perform multiple tasks while performing Penetration testing on a particular application such as recon using inbuilt auxiliaries, web application enumeration, fuzzing HTTP forms, using inbuilt exploits for CMS and other well known applications.

This book will also cover topics on vulnerability assessment & exploitation of technological platforms such has JBoss, Jira, NodeJS etc. and what caused the vulnerability and how exactly the exploit will be working in Metasploit.

By the end of the book, you will finally know about the auxiliaries in Metasploit which can be used as a part of web application pentesting.

  • Become a web penetration testing expert using Metasploit
  • Exploit and protect your Web environment
  • Embrace tools and techniques like network scanning, pen testing, and exploitation
Page Count 468
Course Length 14 hours 2 minutes
ISBN 9781789953527
Date Of Publication 8 May 2020


Himanshu Sharma

Himanshu Sharma has been active in the field of bug bounty since 2009, and has been listed in Apple, Google, Microsoft, Facebook, Adobe, Uber, AT&T, Avira, and many more with hall of fame listings as proof. He has been a speaker at multiple international conferences, including Botconf '13, Confidence 2018, RSA Asia Pacific and Japan '18, and Hack In The Box 2019. He also spoke at the IEEE conference in California and Malaysia, as well as for TedX. Currently, he is the cofounder of BugsBounty, a crowd-sourced security platform for ethical hackers and companies interested in cyber services. He has also authored the following books: Kali Linux – An Ethical Hacker's Cookbook, and Hands-On Red Team Tactics.

Harpreet Singh

Harpreet Singh has more than 5 years experience in the field of Ethical Hacking, Penetration Testing, and Red Teaming. In addition, he has performed red team engagement in multi-national banks and companies. Harpreet is a Offensive Security Certified Professional (OSCP) and Offensive Security Wireless Professional (OSWP). He has trained 1500+ students including Govt. officials in International projects.