Chapter 7. Metasploit and Web
Metasploit is perhaps the most versatile, freely-available, penetration testing framework ever to be made. It is currently developed by Rapid7, Inc. This framework was started by a security professional named H. D. Moore in 2003, and since then this framework has gone through excessive research and development. Metasploit Framework is often abbreviated as MSF in written or verbal forms.
The framework comes with different modules which are key parts of it. They aid in customizing and writing different sorts of exploits—software, web applications, and so on. A major part of the framework has been covered in the book Mastering Metasploit by Nipun Jaswal, Packt Publishing. For this book, we'll only go through the topics needed for web application security.
We are going to cover the following topics:
- Metasploit modules
- Msfconsole
- Auxiliary modules related to web applications
- WMAP – Metasploit's Web Application Security Scanner
- Generating...