More Information
Learn
  • Prepare the Metasploit framework and set up labs locally and remotely
  • Understand Metasploit fundamentals
  • Conduct penetration testing on different target scopes
  • Perform client-side attacks on browsers and devices (bypassing AV detection)
  • White- and black-box penetration testing steps
  • Post exploitation on Windows and OS X
  • Construct custom modules from scratch
About

Metasploit is a Ruby-based platform for performing advanced penetration testing. It enables you to write, test, and execute exploit code. The Metasploit framework contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade detection.

In this course, you'll go through some great recipes that will allow you to build on your existing Metasploit knowledge and start using it effectively. You'll improve your skills with some best practices and techniques and implement some troubleshooting issues you'll encounter using Metasploit. You'll learn to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post-exploitation―all inside Metasploit.

You'll learn to create and customize payloads to evade antivirus software, bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the Metasploit framework, create your own modules, and much more.

By the end of this course, you'll be proficient with many tools and techniques and will have mastered everything you need to perform penetration testing using Metasploit and virtual machines.

All the code and supporting files are on GitHub at: https://github.com/PacktPublishing/-Metasploit-Penetration-Testing-Recipes

Features
  • Exploit vulnerable targeted operating systems
  • Automate the process of client-side attacks
  • Evade AV detections efficiently
Course Length 2 hours 5 minutes
ISBN 9781838551865
Date Of Publication 25 Oct 2019

Authors

Lawrence Amer

Lawrence Amer is an Offensive Security Certified Professional (OSCP), Certified Penetration Testing Engineer (CPTE), and Vulnerability Researcher; he has reported medium- to severe-level vulnerabilities in eBay, Adobe, Facebook, Sony, Microsoft, Yahoo, and many more. He actively monitors multiple intelligence sources to identify and investigate potential risks and threats. He has been mentioned in various magazines for his zero-days findings. He's also experienced at bypassing most endpoint security solutions, and is especially familiar with malware techniques.