Book Image

Learning Metasploit Exploitation and Development

By : Aditya Balapure
Book Image

Learning Metasploit Exploitation and Development

By: Aditya Balapure

Overview of this book

<p>Metasploit is an open source exploit framework that provides you with heaps of exploits, as well as tools to assist you in creating your own exploits. This includes the ability to generate a large range of shellcodes for different purposes and platforms that can be customized to attack your target. The recent improvements in network security mechanisms have given rise to new trends and techniques of compromising a network. This book deals with these recent trends and attack tips to compromise the weakest to the strongest of networks. Metasploit Exploitation and Development describes actual penetration testing skills and ways to penetrate and assess different types of networks.<br /><br />Metasploit Exploitation and Development is a perfect fit for hackers who want to develop some real exploitation skills. This book has been designed with a practical approach which emphasizes hands-on rather than theoretical reading. It covers all the new exploits for new operating systems and tips from the experience of real hackers. This is a best buy book for learning the art of exploitation and skills of a penetration tester.<br /><br />Metasploit Exploitation and Development is a guide to real network hacking with the best tricks to master the art of exploitation.</p> <p><br />This book has been designed in well-defined stages so the reader learns more effectively. From the actual setup to vulnerability assessment, this book provides an individual with in-depth knowledge of an expert penetration tester. The book deals with vulnerability assessment exercises with some of the industrially-used tools and report-making tips. It covers topics such as client exploitation, backdoors, post exploitation, and also exploitation development with Metasploit.<br />This book has been developed with a practical hands-on approach so that readers can effectively try and test what they actually read.</p> <p><br />Metasploit Exploitation and Development covers the experience of real network hacking with some of the latest operating systems. The readers will go through a journey in which they will learn from basic to advanced levels of the art of exploitation.</p> <p><br />This book covers real hacking and exploitation of the current vulnerabilities in some of the latest operating systems.</p>

Related Content you might be interested in

Current Title:

Small book image
Learning Metasploit Exploitation and Development
Aditya Balapure
Jul, 2013 | 294 pages
No titles found
Table of Contents (20 chapters)
Learning Metasploit Exploitation and Development
Learning Metasploit Exploitation and Development
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Lab Setup
Lab Setup
Installing Oracle VM VirtualBox
Installing WindowsXP on Oracle VM VirtualBox
Installing BackTrack5 R2 on Oracle VM Virtual Box
Summary
2
Metasploit Framework Organization
Metasploit Framework Organization
Metasploit interfaces and basics
Exploit modules
Payloads – in-depth
Summary
References
3
Exploitation Basics
Exploitation Basics
Basic terms of exploitation
Summary
References
4
Meterpreter Basics
Meterpreter Basics
Working of the Meterpreter
Meterpreter in action
Summary
References
5
Vulnerability Scanning and Information Gathering
Vulnerability Scanning and Information Gathering
Information Gathering through Metasploit
Active Information Gathering
Working with Nmap
Working with Nessus
Report importing in Metasploit
Summary
References
6
Client-side Exploitation
Client-side Exploitation
What are client-side attacks?
Summary
References
7
Post Exploitation
Post Exploitation
What is post exploitation?
Summary
References
8
Post Exploitation – Privilege Escalation
Post Exploitation – Privilege Escalation
Understanding Privilege Escalation
Summary
References
9
Post Exploitation – Cleaning Up Traces
Post Exploitation – Cleaning Up Traces
Disabling firewalls and other network defenses
Summary
References
10
Post Exploitation – Backdoors
Post Exploitation – Backdoors
What is a backdoor?
Creating an EXE backdoor
Summary
References
11
Post Exploitation – Pivoting and Network Sniffing
Post Exploitation – Pivoting and Network Sniffing
What is pivoting?
Pivoting in a network
Sniffing in a network
Summary
References
12
Exploit Research with Metasploit
Exploit Research with Metasploit
Exploit writing tips and tricks
Writing exploits
Scripting with Metasploit
Summary
References
13
Using Social Engineering Toolkit and Armitage
Using Social Engineering Toolkit and Armitage
Understanding the Social Engineering Toolkit
Armitage
Summary
References
Index
Index

About the Reviewers

Kubilay Onur Gungor has been working in the IT Security field for more than 7 years; he started his professional security career with the cryptanalysis of images—images encrypted using chaotic logistic maps. He gained experience in the Network Security field by working in the Data Processing Center of Isik University where he was the president of the Information Security and Research Club. After working as a QA tester on the Netsparker Web Application Security Scanner project, he continued his career in the Penetration Testing field with one of the leading security companies in Turkey. He performed many penetration tests and consultancies for the IT infrastructure of several large clients, such as banks, government institutions, and telecommunication companies.

Currently (since September 2012), he is working with the Sony Europe Incident Management team to develop incident management and overall cyber security strategies.

Kubilay has also been developing multidisciplinary cyber security approaches, including criminology, conflict management, perception management, terrorism, unconventional warfare theory, international relations, and sociology. He is the founder of Arquanum Multidisciplinary Cyber Security and Intelligence, an international research society for implications of implementing different disciplines into cyber struggles.

Kubilay has participated in many security conferences as a frequent speaker.

Besides security certificates, he holds Foreign Policy, Marketing and Brand Management, and Surviving certificates.

He is a full-patch member of the Freedom Riders Motorcycle Club.

Abhinav Singh is a young information security specialist from India. He has a keen interest in the field of Hacking and Network Security and has adopted this field as his full-time employment. He is the author of Metasploit Penetration Testing Cookbook, Packt Publishing, a book dealing with pen-testing using the most widely used framework. Abhinav's work has been quoted in several portals and technology magazines. He is also an active contributor to the SecurityXploded community. He can be reached via e-mail at . His Twitter handle is @abhinavbom.

I would like to thank my grandparents for their blessings, my parents for their support, and my sister for being my perfect doctor.

Previous Section
Next Chapter