Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from The Complete Metasploit Guide Explore effective penetration testing techniques with Metasploit

Product type Course

Published in Jun 2019

Publisher Packt

ISBN-13 9781838822477

Length 660 pages

Edition 1st Edition

Languages

Ruby

Tools

Metasploit

Concepts

Penetration Testing

Authors (2):

Sagar Rahalkar

Nipun Jaswal

View More author details

Table of Contents (28) Chapters

Title Page

The Complete Metasploit Guide

About Packt

Contributors

Preface

1. Introduction to Metasploit and Supporting Tools FREE CHAPTER

2. Setting up Your Environment

3. Metasploit Components and Environment Configuration

4. Information Gathering with Metasploit

5. Vulnerability Hunting with Metasploit

6. Client-side Attacks with Metasploit

7. Web Application Scanning with Metasploit

8. Antivirus Evasion and Anti-Forensics

9. Cyber Attack Management with Armitage

10. Extending Metasploit and Exploit Development

11. Approaching a Penetration Test Using Metasploit

12. Reinventing Metasploit

13. The Exploit Formulation Process

14. Porting Exploits

15. Testing Services with Metasploit

16. Virtual Test Grounds and Staging

17. Client-Side Exploitation

18. Metasploit Extended

19. Evasion with Metasploit

20. Metasploit for Secret Agents

21. Visualizing with Armitage

22. Tips and Tricks

1. Other Books You May Enjoy

Leave a review - let other readers know what you think

Summary

Throughout this chapter, we looked at specialized tools and techniques that can aid law enforcement agencies. However, all these techniques must be carefully practiced as specific laws may restrict you while performing these exercises. Nevertheless, throughout this chapter, we covered how we could proxy Meterpreter sessions. We looked at APT techniques for gaining persistence, harvesting files from the target systems, using venom to obfuscate payloads, and how to cover tracks using anti-forensic third-party modules in Metasploit.

Try the following exercises:

Try using Metasploit aggregator once its fixed officially
Complete the code cave exercise and try binding legit DLLs to the payloads without crash the original application
Build your own post-exploitation module for DLL planting method

In the upcoming chapter, we will switch to the infamous Armitage tool and will...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Sagar Rahalkar

Sagar Rahalkar is a seasoned information security professional having more than 10 years of comprehensive experience in various verticals of IS. His domain expertise is mainly into breach detection, cyber crime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, IT GRC, and much more. He holds a masters degree in computer science and several industry-recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM certified Specialist-Rational AppScan, Certified Information Security Manager (CISM), and PRINCE2. He has been closely associated with Indian law enforcement agencies for more than 3 years dealing with digital crime investigations and related training and received several awards and appreciations from senior officials of the police and defense organizations in India. Sagar has also been a reviewer and author for various books and online publications.

See other products by Sagar Rahalkar

Nipun Jaswal

Nipun Jaswal is an international cybersecurity author and an award-winning IT security researcher with more than a decade of experience in penetration testing, Red Team assessments, vulnerability research, RF, and wireless hacking. He is presently the Director of Cybersecurity Practices at BDO India. Nipun has trained and worked with multiple law enforcement agencies on vulnerability research and exploit development. He has also authored numerous articles and exploits that can be found on popular security databases, such as PacketStorm and exploit-db. Please feel free to contact him at @nipunjaswal.

See other products by Nipun Jaswal