Cargando…
Metasploit for beginners : create a threat-free environment with the best-in-class tool /
An easy to digest practical guide to Metasploit covering all aspects of the framework from installation, configuration, and vulnerability hunting to advanced client side attacks and anti-forensics. About This Book Carry out penetration testing in highly-secured environments with Metasploit Learn to...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Birmingham, UK :
Packt Publishing,
2017.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
Tabla de Contenidos:
- Cover ; Copyright ; Credits; About the Author; About the Reviewer; www.PacktPub.com; Customer Feedback; Table of Contents; Preface; Chapter 1: Introduction to Metasploit and Supporting Tools ; The importance of penetration testing; Vulnerability assessment versus penetration testing; The need for a penetration testing framework; Introduction to Metasploit; When to use Metasploit?; Making Metasploit effective and powerful using supplementary tools; Nessus; NMAP; w3af; Armitage; Summary; Exercises; Chapter 2: Setting up Your Environment ; Using the Kali Linux virtual machine
- the easiest way.
- Installing Metasploit on WindowsInstalling Metasploit on Linux; Setting up exploitable targets in a virtual environment; Summary; Exercises; Chapter 3: Metasploit Components and Environment Configuration ; Anatomy and structure of Metasploit; Metasploit components; Auxiliaries; Exploits; Encoders; Payloads; Post; Playing around with msfconsole; Variables in Metasploit; Updating the Metasploit Framework; Summary; Exercises; Chapter 4: Information Gathering with Metasploit ; Information gathering and enumeration; Transmission Control Protocol; User Datagram Protocol; File Transfer Protocol.
- Server Message BlockHypertext Transfer Protocol; Simple Mail Transfer Protocol; Secure Shell; Domain Name System; Remote Desktop Protocol; Password sniffing; Advanced search with shodan; Summary; Exercises; Chapter 5: Vulnerability Hunting with Metasploit ; Managing the database; Work spaces; Importing scans; Backing up the database; NMAP; NMAP scanning approach; Nessus; Scanning using Nessus from msfconsole; Vulnerability detection with Metasploit auxiliaries; Auto exploitation with db_autopwn; Post exploitation; What is meterpreter?; Searching for content; Screen capture; Keystroke logging.
- Dumping the hashes and cracking with JTRShell command; Privilege escalation; Summary; Exercises; Chapter 6: Client-side Attacks with Metasploit ; Need of client-side attacks; What are client-side attacks?; What is a Shellcode?; What is a reverse shell?; What is a bind shell?; What is an encoder?; The msfvenom utility; Generating a payload with msfvenom; Social Engineering with Metasploit; Generating malicious PDF; Creating infectious media drives; Browser Autopwn; Summary; Exercises; Chapter 7: Web Application Scanning with Metasploit ; Setting up a vulnerable application.
- Web application scanning using WMAPMetasploit Auxiliaries for Web Application enumeration and scanning; Summary; Exercises; Chapter 8: Antivirus Evasion and Anti-Forensics ; Using encoders to avoid AV detection; Using packagers and encrypters; What is a sandbox?; Anti-forensics; Timestomp; clearev; Summary; Exercises; Chapter 9: Cyber Attack Management with Armitage ; What is Armitage?; Starting the Armitage console; Scanning and enumeration; Find and launch attacks; Summary; Exercises; Chapter 10: Extending Metasploit and Exploit Development ; Exploit development concepts.