Book Image

Learn Penetration Testing

By : Rishalin Pillay
Book Image

Learn Penetration Testing

By: Rishalin Pillay

Overview of this book

Sending information via the internet is not entirely private, as evidenced by the rise in hacking, malware attacks, and security threats. With the help of this book, you'll learn crucial penetration testing techniques to help you evaluate enterprise defenses. You'll start by understanding each stage of pentesting and deploying target virtual machines, including Linux and Windows. Next, the book will guide you through performing intermediate penetration testing in a controlled environment. With the help of practical use cases, you'll also be able to implement your learning in real-world scenarios. By studying everything from setting up your lab, information gathering and password attacks, through to social engineering and post exploitation, you'll be able to successfully overcome security threats. The book will even help you leverage the best tools, such as Kali Linux, Metasploit, Burp Suite, and other open source pentesting tools to perform these techniques. Toward the later chapters, you'll focus on best practices to quickly resolve security threats. By the end of this book, you'll be well versed with various penetration testing techniques so as to be able to tackle security threats effectively
Table of Contents (21 chapters)
Free Chapter
1
Section 1: The Basics
4
Section 2: Exploitation
12
Section 3: Post Exploitation
16
Section 4: Putting It All Together

Metasploit options, shells, and payloads

Metasploit has a number of options, shells, and payloads that are used when you select various exploits.

Covering all possible options within all exploits is not in the scope of this book, but I will explain how to find the options and discuss the most common options that are used. It's important to understand the various shells and payload options that exist.

Options

Different modules within the Metasploit Framework make use of different options. For example, a login scanner module would contain options such as userpass_file, pass_file, and user_file. In the following screenshot, you will notice the options for the auxiliary/scanner/ssh/ssh_login module:

Figure 23: SSH login...