Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Newsletter Hub

Free Learning

Metasploit Penetration Testing Cookbook: Evade antiviruses, bypass firewalls, and exploit complex environments with the most widely used penetration testing framework , Third Edition

Teixeira

Nipun Jaswal

Singh

Agarwal

$48.99

3.8 (5 Ratings)

Paperback Feb 2018 426 pages 3rd Edition

Teixeira

Nipun Jaswal

Singh

Agarwal

$48.99

3.8 (5 Ratings)

Paperback Feb 2018 426 pages 3rd Edition

What do you get with Print?

Instant access to your digital eBook copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

View table of contents

Preview Book

Key benefits

•Special focus on the latest operating systems, exploits, and penetration testing techniques
•Learn new anti-virus evasion techniques and use Metasploit to evade countermeasures
•Automate post exploitation with AutoRunScript
•Exploit Android devices, record audio and video, send and read SMS, read call logs, and much more
•Build and analyze Metasploit modules in Ruby
•Integrate Metasploit with other penetration testing tools

Description

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports. In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool. You will begin by building your lab environment, setting up Metasploit, and learning how to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post exploitation—all inside Metasploit. You will learn how to create and customize payloads to evade anti-virus software and bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the framework, create your own modules, and much more.

Who is this book for?

If you are a Security professional or pentester and want to get into vulnerability exploitation and make the most of the Metasploit framework, then this book is for you. Some prior understanding of penetration testing and Metasploit is required.

What you will learn

•Set up a complete penetration testing environment using Metasploit and virtual machines
•Master the world s leading penetration testing tool and use it in professional penetration testing
•Make the most of Metasploit with PostgreSQL, importing scan results, using workspaces, hosts, loot, notes, services, vulnerabilities, and exploit results
•Use Metasploit with the Penetration Testing Execution Standard methodology
•Use MSFvenom efficiently to generate payloads and backdoor files, and create shellcode
•Leverage Metasploit s advanced options, upgrade sessions, use proxies, use Meterpreter sleep control, and change timeouts to be stealthy

Estimated delivery fee Deliver to Japan

Standard delivery 10 - 13 business days

$8.95

Premium delivery 3 - 6 business days

$34.95

(Includes tracking information)

What do you get with Print?

Instant access to your digital eBook copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

Estimated delivery fee Deliver to Japan

Standard delivery 10 - 13 business days

$8.95

Premium delivery 3 - 6 business days

$34.95

(Includes tracking information)

Product Details

Publication date : Feb 26, 2018

Length: 426 pages

Edition : 3rd

Language : English

ISBN-13 : 9781788623179

Category :

Security

Languages :

Ruby

Concepts :

Penetration Testing

Tools :

Metasploit

Frequently bought together

Advanced Infrastructure Penetration Testing

Feb 2018 396 pages

2.4 (8)

eBook

$9.99 ~~$39.99~~

Web Penetration Testing with Kali Linux

Feb 2018 426 pages

4.2 (5)

eBook

$9.99 ~~$43.99~~

Metasploit Penetration Testing Cookbook

Feb 2018 426 pages

3.8 (5)

eBook

$9.99 ~~$39.99~~

Total $ 152.97

$48.99

$54.99

$48.99

Total $ 152.97

14 Chapters

Metasploit Quick Tips for Security Professionals

Introduction

Installing Metasploit on Windows

Installing Linux and macOS

Installing Metasploit on macOS

Using Metasploit in Kali Linux

Setting up a penetration-testing lab

Setting up SSH connectivity

Connecting to Kali using SSH

Configuring PostgreSQL

Creating workspaces

Using the database

Using the hosts command

Understanding the services command

Information Gathering and Scanning

Introduction

Passive information gathering with Metasploit

Active information gathering with Metasploit

Port scanning—the Nmap way

Port scanning—the db_nmap way

Host discovery with ARP Sweep

UDP Service Sweeper

SMB scanning and enumeration

Detecting SSH versions with the SSH Version Scanner

WinRM scanning and brute forcing

Integrating with Nessus

Integrating with NeXpose

Integrating with OpenVAS

Server-Side Exploitation

Introduction

Exploiting a Linux server

SQL injection

Types of shell

Exploiting a Windows Server machine

Exploiting common services

MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption

MS17-010 EternalRomance/EternalSynergy/EternalChampion

Installing backdoors

Denial of Service

Meterpreter

Introduction

Understanding the Meterpreter core commands

Understanding the Meterpreter filesystem commands

Understanding Meterpreter networking commands

Understanding the Meterpreter system commands

Setting up multiple communication channels with the target

Meterpreter anti-forensics

The getdesktop and keystroke sniffing

Using a scraper Meterpreter script

Scraping the system using winenum

Automation with AutoRunScript

Meterpreter resource scripts

Meterpreter timeout control

Meterpreter sleep control

Meterpreter transports

Interacting with the registry

Loading framework plugins

Meterpreter API and mixins

Railgun—converting Ruby into a weapon

Adding DLL and function definitions to Railgun

Injecting the VNC server remotely

Enabling Remote Desktop

Post-Exploitation

Introduction

Post-exploitation modules

Bypassing UAC

Dumping the contents of the SAM database

Passing the hash

Incognito attacks with Meterpreter

Using Mimikatz

Setting up a persistence with backdoors

Becoming TrustedInstaller

Backdooring Windows binaries

Pivoting with Meterpreter

Port forwarding with Meterpreter

Credential harvesting

Enumeration modules

Autoroute and socks proxy server

Analyzing an existing post-exploitation module

Writing a post-exploitation module

Using MSFvenom

Introduction

Payloads and payload options

Encoders

Output formats

Templates

Meterpreter payloads with trusted certificates

Client-Side Exploitation and Antivirus Bypass

Introduction

Exploiting a Windows 10 machine

Bypassing antivirus and IDS/IPS

Metasploit macro exploits

Human Interface Device attacks

HTA attack

Backdooring executables using a MITM attack

Creating a Linux trojan

Creating an Android backdoor

Social-Engineer Toolkit

Introduction

Getting started with the Social-Engineer Toolkit

Working with the spear-phishing attack vector

Website attack vectors

Working with the multi-attack web method

Infectious media generator

Working with Modules for Penetration Testing

Introduction

Working with auxiliary modules

DoS attack modules

Post-exploitation modules

Understanding the basics of module building

Analyzing an existing module

Building your own post-exploitation module

Building your own auxiliary module

Exploring Exploits

Introduction

Common exploit mixins

Exploiting the module structure

Using MSFvenom to generate shellcode

Converting an exploit to a Metasploit module

Porting and testing the new exploit module

Fuzzing with Metasploit

Writing a simple fuzzer

Wireless Network Penetration Testing

Introduction

Metasploit and wireless

Understanding an evil twin attack

Configuring Karmetasploit

Wireless MITM attacks

SMB relay attacks

Cloud Penetration Testing

Introduction

Metasploit in the cloud

Metasploit PHP Hop

Phishing from the cloud

Setting up a cloud penetration testing lab

Best Practices

Introduction

Best practices

Using Metasploit over the Tor network

Metasploit logging

Documentation

Cleaning up

Other Books You May Enjoy

Leave a review - let other readers know what you think

Recommendations for you

CompTIA Security+ SY0-701 Certification Guide

Jan 2024 634 pages

4.9 (226)

Paperback

$44.99

Bash Shell Scripting for Pentesters

Dec 2024 402 pages

eBook

$9.99 ~~$35.99~~

Microsoft Defender for Identity in Depth

Dec 2024 380 pages

eBook

$9.99 ~~$35.99~~

The Ultimate Kali Linux Book

Apr 2024 828 pages

4.8 (27)

eBook

$9.99 ~~$43.99~~

Mastering Linux Security and Hardening

Feb 2023 618 pages

4.6 (34)

eBook

$9.99 ~~$39.99~~

Malware Development for Ethical Hackers

Jun 2024 390 pages

4.3 (9)

eBook

$9.99 ~~$43.99~~

Mastering Microsoft Intune

Mar 2024 822 pages

4.6 (26)

eBook

$9.99 ~~$43.99~~

CISA – Certified Information Systems Auditor Study Guide

Oct 2024 356 pages

eBook

$9.99 ~~$39.99~~

Adversarial AI Attacks, Mitigations, and Defense Strategies

Jul 2024 586 pages

4.9 (13)

eBook

$9.99 ~~$39.99~~

Generative AI and its impact on CyberSecurity

Nov 2024 2hrs 47mins

Video

$9.99 ~~$89.99~~

Customer reviews

Rating distribution

3.8

(5 Ratings)

5 star 40%

4 star 40%

3 star 0%

2 star 0%

1 star 20%

Hugo Bolé Jul 19, 2018

3 adjectives for this book: Practical, Objective, Excellent!

Amazon Verified review

Neetu Kaur Sep 27, 2021

This is very helpful

Amazon Verified review

Nasikh Yishrael Sep 04, 2024

Feefo Verified review

S1n0xt0n Nov 16, 2018

A great introduction to Metasploit Penetration Testing. I love the hands on approach to learning. I liked the organization of the chapters and their approach. Some topics, I thought could be more in depth...

Amazon Verified review

Noe Nevarez Aug 29, 2020

I had a hard time reading the ebook translated pages when configurations and command-line commands were shown. It appears the transformation (book to ebook) didn't result in an easily readable output.

Amazon Verified review

People who bought this also bought

Mastering Linux Security and Hardening

Feb 2023 618 pages

4.6 (34)

eBook

$9.99 ~~$39.99~~

Cybersecurity – Attack and Defense Strategies, 3rd edition

Sep 2022 570 pages

4.9 (42)

eBook

$9.99 ~~$33.99~~

Mastering Windows Security and Hardening

Aug 2022 816 pages

4.8 (20)

eBook

$9.99 ~~$43.99~~

Digital Forensics and Incident Response

Dec 2022 532 pages

4.9 (15)

eBook

$9.99 ~~$43.99~~

Learn Computer Forensics – 2nd edition

Jul 2022 434 pages

4.8 (63)

eBook

$9.99 ~~$39.99~~

About the 4 authors

Teixeira

Daniel Teixeira is an IT security expert, author, and trainer, specializing in red team engagements, penetration testing, and vulnerability assessments. His main areas of focus are adversary simulation, emulation of modern adversarial tactics, techniques and procedures; vulnerability research, and exploit development.

See other products by Teixeira

Nipun Jaswal

Nipun Jaswal is an international cybersecurity author and an award-winning IT security researcher with more than a decade of experience in penetration testing, Red Team assessments, vulnerability research, RF, and wireless hacking. He is presently the Director of Cybersecurity Practices at BDO India. Nipun has trained and worked with multiple law enforcement agencies on vulnerability research and exploit development. He has also authored numerous articles and exploits that can be found on popular security databases, such as PacketStorm and exploit-db. Please feel free to contact him at @nipunjaswal.

See other products by Nipun Jaswal

Singh

Contacted on 12/01/18 by Davis Anto

See other products by Singh

Agarwal

Deepak Agarwal is a Microsoft Certified Professional who has more than 6 years of relevant experience. He has worked with different versions of Axapta, such as AX 2009, AX 2012, and Dynamics 365. He has had a wide range of development, consulting, and leading roles, while always maintaining a significant role as a business application developer. Although his strengths are rooted in X++ development, he is a highly regarded developer and expert in the technical aspects of Dynamics AX development and customization. He has also worked on base product development with the Microsoft team. He was awarded the Most Valuable Professional (MVP) award from Microsoft for Dynamics AX four times in a row, and he has held this title since 2013. He shares his experience with Dynamics AX on his blog: Axapta V/s Me Deepak has also worked on the following Packt books: Microsoft Dynamics AX 2012 R3 Reporting Cookbook Dynamics AX 2012 Reporting Cookbook Microsoft Dynamics AX 2012 Programming: Getting Started

See other products by Agarwal

FAQs

What is the delivery time and cost of print book?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.

Unfortunately, due to several restrictions, we are unable to ship to the following countries:

Afghanistan
American Samoa
Belarus
Brunei Darussalam
Central African Republic
The Democratic Republic of Congo
Eritrea
Guinea-bissau
Iran
Lebanon
Libiya Arab Jamahriya
Somalia
Sudan
Russian Federation
Syrian Arab Republic
Ukraine
Venezuela

What is custom duty/charge?

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order?

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges?

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.

How can I cancel my order?

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy?

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on customercare@packt.com with the order number and issue details as explained below:

If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on customercare@packt.com who will be able to resolve this issue for you.
You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged?

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use?

You can pay with the following card types:

Visa Debit
Visa Credit
MasterCard
PayPal

What is the delivery time and cost of print books?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Unfortunately, due to several restrictions, we are unable to ship to the following countries:

Afghanistan
American Samoa
Belarus
Brunei Darussalam
Central African Republic
The Democratic Republic of Congo
Eritrea
Guinea-bissau
Iran
Lebanon
Libiya Arab Jamahriya
Somalia
Sudan
Russian Federation
Syrian Arab Republic
Ukraine
Venezuela

Metasploit Penetration Testing Cookbook: Evade antiviruses, bypass firewalls, and exploit complex environments with the most widely used penetration testing framework , Third Edition

What do you get with Print?

Contact Details

Shipping Address

Billing Address

Key benefits

Description

Who is this book for?

What you will learn

Product Details

What do you get with Print?

Contact Details

Shipping Address

Billing Address

Product Details

Packt Subscriptions

Frequently bought together

Table of Contents

Recommendations for you

Customer reviews

People who bought this also bought

About the 4 authors

FAQs