Packt+ | Advance your knowledge in tech

You're reading from Mastering Metasploit With this tutorial you can improve your Metasploit skills and learn to put your network's defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert.

Product type Paperback

Published in May 2014

Publisher Packt

ISBN-13 9781782162223

Length 378 pages

Edition Edition

Tools

Metasploit

Concepts

Penetration Testing

Author (1):

Nipun Jaswal

View More author details

Table of Contents (17) Chapters

Mastering Metasploit

Credits

About the Author

About the Reviewers

www.PacktPub.com

Preface

1. Approaching a Penetration Test Using Metasploit FREE CHAPTER

2. Reinventing Metasploit

3. The Exploit Formulation Process

4. Porting Exploits

5. Offstage Access to Testing Services

6. Virtual Test Grounds and Staging

7. Sophisticated Client-side Attacks

8. The Social Engineering Toolkit

9. Speeding Up Penetration Testing

10. Visualizing with Armitage

Index

Providing additional features and further readings

SET is comprised of too many attacks, and covering them all here will push us beyond the scope of the book. However, some more information about attacks with SET can be found at http://www.social-engineer.org/framework/se-tools/computer-based/social-engineer-toolkit-set/.

SET can also be made to run against wireless vectors. More information on wireless attacks with SET can be found at http://resources.infosecinstitute.com/raising-a-rogue-access-point/.

The SET web interface

SET also provides a user-friendly web interface that is run by typing in the following command:

After the interface gets bound to http://127.0.0.1 on port 4444, we can simply browse to this address via a web browser and graphically initiate attack vectors. This is shown in the following screenshot:

Automating SET attacks

Attacks in SET can be automated too, like we did earlier for Metasploit. Here, instead of using resource scripts, a normal text file is enough to automate...