Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering Metasploit
  • Table Of Contents Toc
  • Feedback & Rating feedback
Mastering Metasploit

Mastering Metasploit

By : Nipun Jaswal
3.5 (4)
close
close
Mastering Metasploit

Mastering Metasploit

3.5 (4)
By: Nipun Jaswal

Overview of this book

Updated for the latest version of Metasploit, this book will prepare you to face everyday cyberattacks by simulating real-world scenarios. Complete with step-by-step explanations of essential concepts and practical examples, Mastering Metasploit will help you gain insights into programming Metasploit modules and carrying out exploitation, as well as building and porting various kinds of exploits in Metasploit. Giving you the ability to perform tests on different services, including databases, IoT, and mobile, this Metasploit book will help you get to grips with real-world, sophisticated scenarios where performing penetration tests is a challenge. You'll then learn a variety of methods and techniques to evade security controls deployed at a target's endpoint. As you advance, you’ll script automated attacks using CORTANA and Armitage to aid penetration testing by developing virtual bots and discover how you can add custom functionalities in Armitage. Following real-world case studies, this book will take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit 5.0 framework. By the end of the book, you’ll have developed the skills you need to work confidently with efficient exploitation techniques
Table of Contents (17 chapters)
close
close
1
Section 1 – Preparation and Development
6
Section 2 – The Attack Phase
10
Section 3 – Post-Exploitation and Evasion

Other protection mechanisms

Throughout this chapter, we have developed exploits based on stack-based vulnerabilities, and in our journey of exploitation, we bypassed SEH and DEP protection mechanisms. There are many more protection techniques, such as Address Space Layout Randomization (ASLR), stack cookies, SafeSEH, and SEHOP. We will see bypass techniques for these techniques in the upcoming sections of this book. However, these techniques will require an excellent understanding of assembly, opcodes, and debugging.

Important note

Refer to an excellent tutorial on bypassing protection mechanisms at https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/.

You can find more information on bypassing DEP at https://www.corelan.be/index.php/2010/06/16/exploit-writing-tutorial-part-10-chaining-dep-with-rop-the-rubikstm-cube/.

For more information on debugging, refer to http://resources.infosecinstitute.com...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY