Footprinting and scanning is the first phase after the pre-interactions and, based on the type of testing approach (black box, white box, or grey box), the footprinting phase will differ significantly. In a black box test scenario, we will target everything since no prior knowledge of the target is given, while we will perform focused application- and architecture-specific tests in a white box approach. A grey box test will combine the best of both types of methodology. We will follow the black box approach. So, let's fire up Metasploit and run a basic scan. However, let us add a new workspace to Metasploit. Adding a new workspace will keep the scan data separate from the other scans in the database and will help to find the results in a much easier and more manageable way. To add a new workspace, just type in workspace -a [name of the new workspace] and, to switch the context to the new workspace, simply type in workspace followed by the name of the workspace...
Metasploit Revealed: Secrets of the Expert Pentester
By :
Metasploit Revealed: Secrets of the Expert Pentester
By:
Overview of this book
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.
This learning path will begin by introducing you to Metasploit and its functionalities. You will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components and get hands-on experience with carrying out client-side attacks. In the next part of this learning path, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services.
After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework.
The final instalment of your learning journey will be covered through a bootcamp approach. You will be able to bring together the learning together and speed up and integrate Metasploit with leading industry tools for penetration testing. You’ll finish by working on challenges based on user’s preparation and work towards solving the challenge.
The course provides you with highly practical content explaining Metasploit from the following Packt books:
1. Metasploit for Beginners
2. Mastering Metasploit, Second Edition
3. Metasploit Bootcamp
Related Content you might be interested in
Current Title:
Metasploit Revealed: Secrets of the Expert Pentester
No titles found
Table of Contents (35 chapters)
Title Page
Credits
Preface
Introduction to Metasploit and Supporting Tools
Setting up Your Environment
Metasploit Components and Environment Configuration
Information Gathering with Metasploit
Vulnerability Hunting with Metasploit
Client-side Attacks with Metasploit
Web Application Scanning with Metasploit
Antivirus Evasion and Anti-Forensics
Cyber Attack Management with Armitage
Extending Metasploit and Exploit Development
Module 2
Approaching a Penetration Test Using Metasploit
Reinventing Metasploit
The Exploit Formulation Process
Porting Exploits
Testing Services with Metasploit
Virtual Test Grounds and Staging
Client-side Exploitation
Metasploit Extended
Speeding up Penetration Testing
Visualizing with Armitage
Module 3
Getting Started with Metasploit
Identifying and Scanning Targets
Exploitation and Gaining Access
Post-Exploitation with Metasploit
Testing Services with Metasploit
Fast-Paced Exploitation with Metasploit
Exploiting Real-World Challenges with Metasploit
Bibliography
Thanks page
Customer Reviews