Book Image

Mastering Metasploit - Third Edition

By : Nipun Jaswal
Book Image

Mastering Metasploit - Third Edition

By: Nipun Jaswal

Overview of this book

We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as databases, Cloud environment, IoT, mobile, tablets, and similar more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
Table of Contents (14 chapters)

Summary

Throughout this chapter, we looked at specialized tools and techniques that can aid law enforcement agencies. However, all these techniques must be carefully practiced as specific laws may restrict you while performing these exercises. Nevertheless, throughout this chapter, we covered how we could proxy Meterpreter sessions. We looked at APT techniques for gaining persistence, harvesting files from the target systems, using venom to obfuscate payloads, and how to cover tracks using anti-forensic third-party modules in Metasploit.

Try the following exercises:

  • Try using Metasploit aggregator once its fixed officially
  • Complete the code cave exercise and try binding legit DLLs to the payloads without crash the original application
  • Build your own post-exploitation module for DLL planting method

In the upcoming chapter, we will switch to the infamous Armitage tool and will...