Packt+ | Advance your knowledge in tech

You're reading from Metasploit Revealed: Secrets of the Expert Pentester Build your defense against complex attacks

Product type Course

Published in Dec 2017

Publisher

ISBN-13 9781788624596

Length 860 pages

Edition 1st Edition

Tools

Metasploit

Concepts

Penetration Testing

Authors (2):

Nipun Jaswal

Sagar Rahalkar

View More author details

Table of Contents (35) Chapters

Title Page

Credits

Preface

1. Module 1 FREE CHAPTER

Metasploit for Beginners

2. Introduction to Metasploit and Supporting Tools

3. Setting up Your Environment

4. Metasploit Components and Environment Configuration

5. Information Gathering with Metasploit

6. Vulnerability Hunting with Metasploit

7. Client-side Attacks with Metasploit

8. Web Application Scanning with Metasploit

9. Antivirus Evasion and Anti-Forensics

10. Cyber Attack Management with Armitage

11. Extending Metasploit and Exploit Development

12. Module 2

Mastering Metasploit

13. Approaching a Penetration Test Using Metasploit

14. Reinventing Metasploit

15. The Exploit Formulation Process

16. Porting Exploits

17. Testing Services with Metasploit

18. Virtual Test Grounds and Staging

19. Client-side Exploitation

20. Metasploit Extended

21. Speeding up Penetration Testing

22. Visualizing with Armitage

23. Module 3

Metasploit Bootcamp

24. Getting Started with Metasploit

25. Identifying and Scanning Targets

26. Exploitation and Gaining Access

27. Post-Exploitation with Metasploit

28. Testing Services with Metasploit

29. Fast-Paced Exploitation with Metasploit

30. Exploiting Real-World Challenges with Metasploit

31. Bibliography

32. Thanks page

Adding external exploits to Metasploit

New vulnerabilities across various applications and products are found on a daily basis. For most newly found vulnerabilities, an exploit code is also made public. Now, the exploit code is quite often in a raw format (just like a shellcode) and not readily usable. Also, it might take some time before the exploit is officially made available as a module within the Metasploit Framework. However, we can manually add an external exploit module in the Metasploit Framework and use it like any other existing exploit module. Let's take an example of the MS17-010 vulnerability that was recently used by the Wannacry ransomware. By default, the exploit code for MS17-010 isn't available within the Metasploit Framework.

Let's start by downloading the MS17-010 module from the exploit database.

Note

Did you know? Exploit-DB located at https://www.exploit-db.com is one of the most trusted and updated sources for getting new exploits for a variety of platforms, products...

The rest of the chapter is locked

You're reading from Metasploit Revealed: Secrets of the Expert Pentester Build your defense against complex attacks

Table of Contents (35) Chapters

Adding external exploits to Metasploit

Note

Unlock this book and the full library FREE for 7 days

Authors (2)

Personalised recommendations for you