Real pentesting with Metasploit
We have talked quite a bit about Metasploit throughout this book, and have even used a few modules within Metasploit to help us assess various exercises throughout this book – however, these examples have only been skimming the surface of what Metasploit really is and the potential it has with pentesting and ethical hacking in the cloud.
Metasploit has mixed reviews from some of us in the pentesting community because it helps automate a lot of our processes and can be thought of as being cheap or a script kiddie when relying on automated tools to help you pentest. However, coming from someone who pentests for a living, Metasploit provides a great advantage and automates a lot of the boring and easy stuff, as well as allowing you to focus on more detailed portions of an assessment that need a more manual approach. We will see, throughout this chapter, how to leverage Metasploit while also using other various techniques to help us exploit services...
