Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Metasploit Penetration Testing Cookbook
  • Table Of Contents Toc
  • Feedback & Rating feedback
Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

By : Teixeira, Nipun Jaswal, Singh, Agarwal
3.8 (5)
Buy this Book
close
close
Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

3.8 (5)
By: Teixeira, Nipun Jaswal, Singh, Agarwal
Buy this Book

Overview of this book

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports. In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool. You will begin by building your lab environment, setting up Metasploit, and learning how to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post exploitation—all inside Metasploit. You will learn how to create and customize payloads to evade anti-virus software and bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the framework, create your own modules, and much more.
Table of Contents (15 chapters)
close
close
close
Preface
chevron up
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Sections
Icon
Get in touch
Icon
Disclaimer
Free Chapter
1
Metasploit Quick Tips for Security Professionals
Icon
Metasploit Quick Tips for Security Professionals
Icon
Introduction
Icon
Installing Metasploit on Windows
Icon
Installing Linux and macOS
Icon
Installing Metasploit on macOS
Icon
Using Metasploit in Kali Linux
Icon
Setting up a penetration-testing lab
Icon
Setting up SSH connectivity
Icon
Connecting to Kali using SSH
Icon
Configuring PostgreSQL
Icon
Creating  workspaces
Icon
Using the database
Icon
Using the hosts command
Icon
Understanding the services command
2
Information Gathering and Scanning
Icon
Information Gathering and Scanning
Icon
Introduction
Icon
Passive information gathering with Metasploit
Icon
Active information gathering with Metasploit
Icon
Port scanning—the Nmap way
Icon
Port scanning—the db_nmap way
Icon
Host discovery with ARP Sweep
Icon
UDP Service Sweeper
Icon
SMB scanning and enumeration
Icon
Detecting SSH versions with the SSH Version Scanner
Icon
FTP scanning
Icon
SMTP enumeration
Icon
SNMP enumeration
Icon
HTTP scanning
Icon
WinRM scanning and brute forcing
Icon
Integrating with Nessus
Icon
Integrating with NeXpose
Icon
Integrating with OpenVAS
3
Server-Side Exploitation
Icon
Server-Side Exploitation
Icon
Introduction
Icon
Exploiting a Linux server
Icon
SQL injection
Icon
Types of shell
Icon
Exploiting a Windows Server machine
Icon
Exploiting common services
Icon
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
Icon
MS17-010 EternalRomance/EternalSynergy/EternalChampion
Icon
Installing backdoors
Icon
Denial of Service
4
Meterpreter
Icon
Meterpreter
Icon
Introduction
Icon
Understanding the Meterpreter core commands
Icon
Understanding the Meterpreter filesystem commands
Icon
Understanding Meterpreter networking commands
Icon
Understanding the Meterpreter system commands
Icon
Setting up multiple communication channels with the target
Icon
Meterpreter anti-forensics
Icon
The getdesktop and keystroke sniffing
Icon
Using a scraper Meterpreter script
Icon
Scraping the system using winenum
Icon
Automation with AutoRunScript
Icon
Meterpreter resource scripts
Icon
Meterpreter timeout control
Icon
Meterpreter sleep control
Icon
Meterpreter transports
Icon
Interacting with the registry
Icon
Loading framework plugins
Icon
Meterpreter API and mixins
Icon
Railgun—converting Ruby into a weapon
Icon
Adding DLL and function definitions to Railgun
Icon
Injecting the VNC server remotely
Icon
Enabling Remote Desktop
5
Post-Exploitation
Icon
Post-Exploitation
Icon
Introduction
Icon
Post-exploitation modules
Icon
Bypassing UAC
Icon
Dumping the contents of the SAM database
Icon
Passing the hash
Icon
Incognito attacks with Meterpreter
Icon
Using Mimikatz
Icon
Setting up a persistence with backdoors
Icon
Becoming TrustedInstaller
Icon
Backdooring Windows binaries
Icon
Pivoting with Meterpreter
Icon
Port forwarding with Meterpreter
Icon
Credential harvesting
Icon
Enumeration modules
Icon
Autoroute and socks proxy server
Icon
Analyzing an existing post-exploitation module
Icon
Writing a post-exploitation module
6
Using MSFvenom
Icon
Using MSFvenom
Icon
Introduction
Icon
Payloads and payload options
Icon
Encoders
Icon
Output formats
Icon
Templates
Icon
Meterpreter payloads with trusted certificates
7
Client-Side Exploitation and Antivirus Bypass
Icon
Client-Side Exploitation and Antivirus Bypass
Icon
Introduction
Icon
Exploiting a Windows 10 machine
Icon
Bypassing antivirus and IDS/IPS
Icon
Metasploit macro exploits
Icon
Human Interface Device attacks
Icon
HTA attack
Icon
Backdooring executables using a MITM attack
Icon
Creating a Linux trojan
Icon
Creating an Android backdoor
8
Social-Engineer Toolkit
Icon
Social-Engineer Toolkit
Icon
Introduction
Icon
Getting started with the Social-Engineer Toolkit
Icon
Working with the spear-phishing attack vector
Icon
Website attack vectors
Icon
Working with the multi-attack web method
Icon
Infectious media generator
9
Working with Modules for Penetration Testing
Icon
Working with Modules for Penetration Testing
Icon
Introduction
Icon
Working with auxiliary modules
Icon
DoS attack modules
Icon
Post-exploitation modules
Icon
Understanding the basics of module building
Icon
Analyzing an existing module
Icon
Building your own post-exploitation module
Icon
Building your own auxiliary module
10
Exploring Exploits
Icon
Exploring Exploits
Icon
Introduction
Icon
Common exploit mixins
Icon
Exploiting the module structure
Icon
Using MSFvenom to generate shellcode
Icon
Converting an exploit to a Metasploit module
Icon
Porting and testing the new exploit module
Icon
Fuzzing with Metasploit
Icon
Writing a simple fuzzer
11
Wireless Network Penetration Testing
Icon
Wireless Network Penetration Testing
Icon
Introduction
Icon
Metasploit and wireless
Icon
Understanding an evil twin attack
Icon
Configuring Karmetasploit
Icon
Wireless MITM attacks
Icon
SMB relay attacks
12
Cloud Penetration Testing
Icon
Cloud Penetration Testing
Icon
Introduction
Icon
Metasploit in the cloud
Icon
Metasploit PHP Hop
Icon
Phishing from the cloud
Icon
Setting up a cloud penetration testing lab
13
Best Practices
Icon
Best Practices
Icon
Introduction
Icon
Best practices
Icon
Using Metasploit over the Tor network
Icon
Metasploit logging
Icon
Documentation
Icon
Cleaning up
14
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

What this book covers

Chapter 1, Metasploit Quick Tips for Security Professionals, contains recipes covering how to install Metasploit on different platforms, building a penetration testing lab, configuring Metasploit to use a PostgreSQL database, and using workspaces. 

Chapter 2, Information Gathering and Scanning, discusses passive and active information gathering with Metasploit, port scanning, scanning techniques, enumeration, and integration with scanners such as Nessus, NeXpose, and OpenVAS.

Chapter 3, Server-Side Exploitation, includes Linux and Windows server exploitation, SQL injection, backdoor installation, and Denial of Service attacks.

Chapter 4, Meterpreter, covers all of the commands related to Meterpreter, communication channels, keyloggers, automation, loading framework plugins, using Railgun, and much more.

Chapter 5, Post-Exploitation, covers post-exploitation modules, privilege escalation, process migration, bypassing UAC, pass the hash attacks, using Incognito and Mimikatz, backdooring Windows binaries, pivoting, port forwarding, credential harvesting, and writing a post-exploitation module.

Chapter 6, Using MSFvenom, discusses MSFvenom payloads and payload options, encoders, output formats, templates, and how to use Meterpreter payloads with trusted certificates.

Chapter 7, Client-Side Exploitation and Antivirus Bypass, explains how to exploit a Windows 10 machine, antivirus and IDS/IPS bypasses, macro exploits, Human Interface Device attacks, HTA attacks, how to backdoor executables using a MITM attack, and how to create a Linux trojan and an Android backdoor.

Chapter 8, Social-Engineer Toolkit, includes how to get started with the Social-Engineer Toolkit, spear-phishing attack vectors, website attack vectors, working with the multiattack web method, and infectious media generation.

Chapter 9, Working with Modules for Penetration Testing, covers auxiliary modules, DoS attack modules, post-exploitation modules, and module analyzing and building.

Chapter 10, Exploring Exploits, covers common exploit mixins, generating shellcode with MSFvenom, converting exploits to Metasploit modules, fuzzing with Metasploit, and how to write a simple fuzzer.

Chapter 11, Wireless Network Penetration Testing, Metasploit and wireless, includes evil twin attacks, Karmetasploit, wireless MITM attacks, and SMB relay attacks.

Chapter 12, Cloud Penetration Testing, covers how to use Metasploit in the cloud, Metasploit PHP Hop, performing phishing attacks from the cloud, and setting up a cloud penetration testing lab.

Chapter 13, Best Practices, includes using Metasploit over the Tor network, Metasploit logging, documentation, and cleaning up.

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY