Title Page

Credits

Preface

1. Module 1 FREE CHAPTER

• Metasploit for Beginners

2. Introduction to Metasploit and Supporting Tools

• The importance of penetration testing
• Vulnerability assessment versus penetration testing
• The need for a penetration testing framework
• Introduction to Metasploit
• When to use Metasploit?
• Making Metasploit effective and powerful using supplementary tools
• Summary
• Exercises

3. Setting up Your Environment

• Using the Kali Linux virtual machine - the easiest way
• Installing Metasploit on Windows
• Installing Metasploit on Linux
• Setting up exploitable targets in a virtual environment
• Summary
• Exercises

4. Metasploit Components and Environment Configuration

• Anatomy and structure of Metasploit
• Metasploit components
• Playing around with msfconsole
• Variables in Metasploit
• Updating the Metasploit Framework
• Summary
• Exercises

5. Information Gathering with Metasploit

• Information gathering and enumeration
• Password sniffing
• Advanced search with shodan
• Summary
• Exercises

6. Vulnerability Hunting with Metasploit

• Managing the database
• NMAP
• Nessus
• Vulnerability detection with Metasploit auxiliaries
• Auto exploitation with db_autopwn
• Post exploitation
• Summary
• Exercises

7. Client-side Attacks with Metasploit

• Need of client-side attacks
• The msfvenom utility
• Social Engineering with Metasploit
• Browser Autopwn
• Summary
• Exercises

8. Web Application Scanning with Metasploit

• Setting up a vulnerable application
• Web application scanning using WMAP
• Metasploit Auxiliaries for Web Application enumeration and scanning
• Summary
• Exercises

9. Antivirus Evasion and Anti-Forensics

• Using encoders to avoid AV detection
• Anti-forensics
• Summary
• Exercises

10. Cyber Attack Management with Armitage

• What is Armitage?
• Starting the Armitage console
• Scanning and enumeration
• Find and launch attacks
• Summary
• Exercises

11. Extending Metasploit and Exploit Development

• Exploit development concepts
• Exploit templates and mixins
• Adding external exploits to Metasploit
• Summary
• Exercises

12. Module 2

• Mastering Metasploit

13. Approaching a Penetration Test Using Metasploit

• Organizing a penetration test
• Preinteractions
• Intelligence gathering/reconnaissance phase
• Predicting the test grounds
• Setting up Kali Linux in virtual environment
• The fundamentals of Metasploit
• Conducting a penetration test with Metasploit
• Benefits of penetration testing using Metasploit
• Penetration testing an unknown network
• Using databases in Metasploit
• Modeling threats
• Vulnerability analysis of VSFTPD 2.3.4 backdoor
• Vulnerability analysis of PHP-CGI query string parameter vulnerability
• Vulnerability analysis of HFS 2.3
• Maintaining access
• Clearing tracks
• Revising the approach
• Summary

14. Reinventing Metasploit

• Ruby – the heart of Metasploit
• Developing custom modules
• Breakthrough meterpreter scripting
• Working with RailGun
• Summary

15. The Exploit Formulation Process

• The absolute basics of exploitation
• Exploiting stack-based buffer overflows with Metasploit
• Exploiting SEH-based buffer overflows with Metasploit
• Bypassing DEP in Metasploit modules
• Other protection mechanisms
• Summary

16. Porting Exploits

• Importing a stack-based buffer overflow exploit
• Importing web-based RCE into Metasploit
• Importing TCP server/ browser-based exploits into Metasploit
• Summary

17. Testing Services with Metasploit

• The fundamentals of SCADA
• Database exploitation
• Testing VOIP services
• Summary

18. Virtual Test Grounds and Staging

• Performing a penetration test with integrated Metasploit services
• Summary

19. Client-side Exploitation

• Exploiting browsers for fun and profit
• Metasploit and Arduino - the deadly combination
• File format-based exploitation
• Compromising Linux clients with Metasploit
• Attacking Android with Metasploit
• Summary

20. Metasploit Extended

• The basics of post exploitation with Metasploit
• Basic post exploitation commands
• Additional post exploitation modules
• Advanced extended features of Metasploit
• Summary

21. Speeding up Penetration Testing

• The loadpath command
• Pacing up development using reload, edit and reload_all commands
• Automating Social-Engineering Toolkit
• Summary

22. Visualizing with Armitage

• The fundamentals of Armitage
• Scanning networks and host management
• Exploitation with Armitage
• Post-exploitation with Armitage
• Attacking on the client side with Armitage
• Scripting Armitage
• Summary
• Further reading

23. Module 3

• Metasploit Bootcamp

24. Getting Started with Metasploit

• The fundamentals of Metasploit
• Benefits of using Metasploit
• Penetration testing with Metasploit
• Phase-I: footprinting and scanning
• Phase-II: gaining access to the target
• Phase-III: maintaining access / post-exploitation / covering tracks
• Summary and exercises

25. Identifying and Scanning Targets

• Working with FTP servers using Metasploit
• Scanning MSSQL servers with Metasploit
• Scanning SNMP services with Metasploit
• Scanning NetBIOS services with Metasploit
• Scanning HTTP services with Metasploit
• Scanning HTTPS/SSL with Metasploit
• Summary and exercises

26. Exploitation and Gaining Access

• Setting up the practice environment
• Exploiting applications with Metasploit
• Converting exploits to Metasploit
• Summary and exercises

27. Post-Exploitation with Metasploit

• Extended post-exploitation with Metasploit
• Metasploit and privilege escalation
• Gaining persistent access with Metasploit
• Summary

28. Testing Services with Metasploit

• Testing MySQL with Metasploit
• Summary and exercises

29. Fast-Paced Exploitation with Metasploit

• Using pushm and popm commands
• Making use of resource scripts
• Using AutoRunScript in Metasploit
• Global variables in Metasploit
• Wrapping up and generating manual reports
• Summary and preparation for real-world scenarios

30. Exploiting Real-World Challenges with Metasploit

• Scenario 1: Mirror environment
• Scenario 2: You can't see my meterpreter
• Further roadmap and summary

31. Bibliography

32. Thanks page

• About Packt Publishing
• Writing for Packt