Metasploit, 2nd Edition

Informationen zum Autor David Kennedy Klappentext The new and improved guide to penetration testing using the legendary Metasploit Framework. Metasploit: The Penetration Tester's Guide has been the definitive security assessment resource for over a decade. The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless, but using it can be challenging for newcomers. Written by renowned ethical hackers and industry experts, this fully updated second edition includes: Advanced Active Directory and cloud penetration testingModern evasion techniques and payload encodingMalicious document generation for client-side exploitationCoverage of recently added modules and commands Starting with Framework essentialsexploits, payloads, Meterpreter, and auxiliary modulesyou'll progress to advanced methodologies aligned with the Penetration Test Execution Standard (PTES). Through real-world examples and simulated penetration tests, you'll: Conduct network reconnaissance and analyze vulnerabilitiesExecute wireless network and social engineering attacksPerform post-exploitation techniques, including privilege escalationDevelop custom modules in Ruby and port existing exploitsUse MSFvenom to evade detectionIntegrate with Nmap, Nessus, and the Social-Engineer Toolkit Whether you're a cybersecurity professional, ethical hacker, or IT administrator, this second edition of Metasploit: The Penetration Tester's Guide is your key to staying ahead in the ever-evolving threat landscape. Zusammenfassung The new and improved guide to penetration testing using the legendary Metasploit Framework. Metasploit: The Penetration Tester's Guide has been the definitive security assessment resource for over a decade. The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless, but using it can be challenging for newcomers. Written by renowned ethical hackers and industry experts, this fully updated second edition includes: Advanced Active Directory and cloud penetration testing Modern evasion techniques and payload encoding Malicious document generation for client-side exploitation Coverage of recently added modules and commands Starting with Framework essentialsexploits, payloads, Meterpreter, and auxiliary modulesyou'll progress to advanced methodologies aligned with the Penetration Test Execution Standard (PTES). Through real-world examples and simulated penetration tests, you'll: Conduct network reconnaissance and analyze vulnerabilities Execute wireless network and social engineering attacks Perform post-exploitation techniques, including privilege escalation Develop custom modules in Ruby and port existing exploits Use MSFvenom to evade detection Integrate with Nmap, Nessus, and the Social-Engineer Toolkit Whether you're a cybersecurity professional, ethical hacker, or IT administrator, this second edition of Metasploit: The Penetration Tester's Guide is your key to staying ahead in the ever-evolving threat landscape. Inhaltsverzeichnis Foreword by HD Moore Chapter 1: The Absolute Basics of Penetration Testing Chapter 2: Metasploit Fundamentals Chapter 3: Intelligence Gathering Chapter 4: Vulnerability Analysis Chapter 5: The Joy of Exploitation Chapter 6: Meterpreter Chapter 7: Avoiding Detection Chapter 8: Client-Side Attacks Chapter 9: Auxiliary Modules Chapter 10: Social Engineering Chapter 11: Wireless Attacks Chapter 12: Porting Exploits to the Framework Chapter 13: Building Your Own Modules Chapter 14: Creating Your Own Exploits Chapter 15: Simulated Penetration Test Chapter 16: Pentesting the Cloud Appendix A: Configuring Your Lab Environment App...

Auteur

David Kennedy

Texte du rabat

The new and improved guide to penetration testing using the legendary Metasploit Framework.

Metasploit: The Penetration Tester’s Guide has been the definitive security assessment resource for over a decade. The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless, but using it can be challenging for newcomers.

Written by renowned ethical hackers and industry experts, this fully updated second edition includes:

• Advanced Active Directory and cloud penetration testing
• Modern evasion techniques and payload encoding
• Malicious document generation for client-side exploitation

• Coverage of recently added modules and commands
  Starting with Framework essentials—exploits, payloads, Meterpreter, and auxiliary modules—you’ll progress to advanced methodologies aligned with the Penetration Test Execution Standard (PTES). Through real-world examples and simulated penetration tests, you’ll:

• Conduct network reconnaissance and analyze vulnerabilities
• Execute wireless network and social engineering attacks
• Perform post-exploitation techniques, including privilege escalation
• Develop custom modules in Ruby and port existing exploits
• Use MSFvenom to evade detection
• Integrate with Nmap, Nessus, and the Social-Engineer Toolkit
  Whether you’re a cybersecurity professional, ethical hacker, or IT administrator, this second edition of Metasploit: The Penetration Tester’s Guide is your key to staying ahead in the ever-evolving threat landscape.

Contenu
Foreword by HD Moore
Chapter 1: The Absolute Basics of Penetration Testing
Chapter 2: Metasploit Fundamentals
Chapter 3: Intelligence Gathering
Chapter 4: Vulnerability Analysis
Chapter 5: The Joy of Exploitation
Chapter 6: Meterpreter
Chapter 7: Avoiding Detection
Chapter 8: Client-Side Attacks
Chapter 9: Auxiliary Modules
Chapter 10: Social Engineering
Chapter 11: Wireless Attacks
Chapter 12: Porting Exploits to the Framework
Chapter 13: Building Your Own Modules
Chapter 14: Creating Your Own Exploits
Chapter 15: Simulated Penetration Test
Chapter 16: Pentesting the Cloud
Appendix A: Configuring Your Lab Environment
Appendix B: Cheat Sheet