Book Image

Mastering Metasploit - Third Edition

By : Nipun Jaswal
Book Image

Mastering Metasploit - Third Edition

By: Nipun Jaswal

Overview of this book

We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as databases, Cloud environment, IoT, mobile, tablets, and similar more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
Table of Contents (14 chapters)

Automating the Social Engineering Toolkit

The Social Engineering Toolkit (SET) is a Python-based set of tools that target the human side of penetration testing. We can use SET to perform phishing attacks, web jacking attacks that involve victim redirection stating that the original website has moved to a different place, file format-based exploits that target particular software for exploitation of the victim's system, and many others. The best thing about using SET is the menu-driven approach, which will set up quick exploitation vectors in no time.

SET is extremely fast at generating client-side exploitation templates. However, we can make it faster using the automation scripts. Let's see an example:

In the preceding screenshot, we fed...