Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Metasploit Penetration Testing Cookbook
  • Table Of Contents Toc
  • Feedback & Rating feedback
Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

By : Teixeira, Nipun Jaswal, Singh, Agarwal
3.8 (5)
Buy this Book
close
close
Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

3.8 (5)
By: Teixeira, Nipun Jaswal, Singh, Agarwal
Buy this Book

Overview of this book

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports. In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool. You will begin by building your lab environment, setting up Metasploit, and learning how to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post exploitation—all inside Metasploit. You will learn how to create and customize payloads to evade anti-virus software and bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the framework, create your own modules, and much more.
Table of Contents (15 chapters)
close
close
close
Preface
chevron up
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Sections
Icon
Get in touch
Icon
Disclaimer
Free Chapter
1
Metasploit Quick Tips for Security Professionals
Icon
Metasploit Quick Tips for Security Professionals
Icon
Introduction
Icon
Installing Metasploit on Windows
Icon
Installing Linux and macOS
Icon
Installing Metasploit on macOS
Icon
Using Metasploit in Kali Linux
Icon
Setting up a penetration-testing lab
Icon
Setting up SSH connectivity
Icon
Connecting to Kali using SSH
Icon
Configuring PostgreSQL
Icon
Creating  workspaces
Icon
Using the database
Icon
Using the hosts command
Icon
Understanding the services command
2
Information Gathering and Scanning
Icon
Information Gathering and Scanning
Icon
Introduction
Icon
Passive information gathering with Metasploit
Icon
Active information gathering with Metasploit
Icon
Port scanning—the Nmap way
Icon
Port scanning—the db_nmap way
Icon
Host discovery with ARP Sweep
Icon
UDP Service Sweeper
Icon
SMB scanning and enumeration
Icon
Detecting SSH versions with the SSH Version Scanner
Icon
FTP scanning
Icon
SMTP enumeration
Icon
SNMP enumeration
Icon
HTTP scanning
Icon
WinRM scanning and brute forcing
Icon
Integrating with Nessus
Icon
Integrating with NeXpose
Icon
Integrating with OpenVAS
3
Server-Side Exploitation
Icon
Server-Side Exploitation
Icon
Introduction
Icon
Exploiting a Linux server
Icon
SQL injection
Icon
Types of shell
Icon
Exploiting a Windows Server machine
Icon
Exploiting common services
Icon
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
Icon
MS17-010 EternalRomance/EternalSynergy/EternalChampion
Icon
Installing backdoors
Icon
Denial of Service
4
Meterpreter
Icon
Meterpreter
Icon
Introduction
Icon
Understanding the Meterpreter core commands
Icon
Understanding the Meterpreter filesystem commands
Icon
Understanding Meterpreter networking commands
Icon
Understanding the Meterpreter system commands
Icon
Setting up multiple communication channels with the target
Icon
Meterpreter anti-forensics
Icon
The getdesktop and keystroke sniffing
Icon
Using a scraper Meterpreter script
Icon
Scraping the system using winenum
Icon
Automation with AutoRunScript
Icon
Meterpreter resource scripts
Icon
Meterpreter timeout control
Icon
Meterpreter sleep control
Icon
Meterpreter transports
Icon
Interacting with the registry
Icon
Loading framework plugins
Icon
Meterpreter API and mixins
Icon
Railgun—converting Ruby into a weapon
Icon
Adding DLL and function definitions to Railgun
Icon
Injecting the VNC server remotely
Icon
Enabling Remote Desktop
5
Post-Exploitation
Icon
Post-Exploitation
Icon
Introduction
Icon
Post-exploitation modules
Icon
Bypassing UAC
Icon
Dumping the contents of the SAM database
Icon
Passing the hash
Icon
Incognito attacks with Meterpreter
Icon
Using Mimikatz
Icon
Setting up a persistence with backdoors
Icon
Becoming TrustedInstaller
Icon
Backdooring Windows binaries
Icon
Pivoting with Meterpreter
Icon
Port forwarding with Meterpreter
Icon
Credential harvesting
Icon
Enumeration modules
Icon
Autoroute and socks proxy server
Icon
Analyzing an existing post-exploitation module
Icon
Writing a post-exploitation module
6
Using MSFvenom
Icon
Using MSFvenom
Icon
Introduction
Icon
Payloads and payload options
Icon
Encoders
Icon
Output formats
Icon
Templates
Icon
Meterpreter payloads with trusted certificates
7
Client-Side Exploitation and Antivirus Bypass
Icon
Client-Side Exploitation and Antivirus Bypass
Icon
Introduction
Icon
Exploiting a Windows 10 machine
Icon
Bypassing antivirus and IDS/IPS
Icon
Metasploit macro exploits
Icon
Human Interface Device attacks
Icon
HTA attack
Icon
Backdooring executables using a MITM attack
Icon
Creating a Linux trojan
Icon
Creating an Android backdoor
8
Social-Engineer Toolkit
Icon
Social-Engineer Toolkit
Icon
Introduction
Icon
Getting started with the Social-Engineer Toolkit
Icon
Working with the spear-phishing attack vector
Icon
Website attack vectors
Icon
Working with the multi-attack web method
Icon
Infectious media generator
9
Working with Modules for Penetration Testing
Icon
Working with Modules for Penetration Testing
Icon
Introduction
Icon
Working with auxiliary modules
Icon
DoS attack modules
Icon
Post-exploitation modules
Icon
Understanding the basics of module building
Icon
Analyzing an existing module
Icon
Building your own post-exploitation module
Icon
Building your own auxiliary module
10
Exploring Exploits
Icon
Exploring Exploits
Icon
Introduction
Icon
Common exploit mixins
Icon
Exploiting the module structure
Icon
Using MSFvenom to generate shellcode
Icon
Converting an exploit to a Metasploit module
Icon
Porting and testing the new exploit module
Icon
Fuzzing with Metasploit
Icon
Writing a simple fuzzer
11
Wireless Network Penetration Testing
Icon
Wireless Network Penetration Testing
Icon
Introduction
Icon
Metasploit and wireless
Icon
Understanding an evil twin attack
Icon
Configuring Karmetasploit
Icon
Wireless MITM attacks
Icon
SMB relay attacks
12
Cloud Penetration Testing
Icon
Cloud Penetration Testing
Icon
Introduction
Icon
Metasploit in the cloud
Icon
Metasploit PHP Hop
Icon
Phishing from the cloud
Icon
Setting up a cloud penetration testing lab
13
Best Practices
Icon
Best Practices
Icon
Introduction
Icon
Best practices
Icon
Using Metasploit over the Tor network
Icon
Metasploit logging
Icon
Documentation
Icon
Cleaning up
14
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

To get the most out of this book

To perform the various recipes mentioned in this book, you will need the following:

  • A Kali Linux machine
  • A Metasploitable 2 vulnerable machine
  • A Metasploitable 3 vulnerable machine
  • A Windows 7 x86 client machine
  • A Windows 10 client machine
  • An Android OS device or a virtual machine
  • Most of the software mentioned in the book can be found in Kali Linux or is available for download at the links mentioned in the book

Download the color images

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Mount the downloaded WebStorm-10*.dmg disk image file as another disk in your system."

A block of code is set as follows:

class MetasploitModule < Msf::Post
  include Msf::Post::Windows::WMIC

  def initialize(info={})
    super( update_info( info,
      'Name' => 'Windows Gather Run Specified WMIC Command',

Any command-line input or output is written as follows:

root@kali:~# passwd

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "In VMware Fusion, go to Preferences, select the Network tab, and create a custom network."

Warnings or important notes appear like this.
Tips and tricks appear like this.

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY