Book Image

Mastering Metasploit - Fourth Edition

By : Nipun Jaswal
Book Image

Mastering Metasploit - Fourth Edition

By: Nipun Jaswal

Overview of this book

Updated for the latest version of Metasploit, this book will prepare you to face everyday cyberattacks by simulating real-world scenarios. Complete with step-by-step explanations of essential concepts and practical examples, Mastering Metasploit will help you gain insights into programming Metasploit modules and carrying out exploitation, as well as building and porting various kinds of exploits in Metasploit. Giving you the ability to perform tests on different services, including databases, IoT, and mobile, this Metasploit book will help you get to grips with real-world, sophisticated scenarios where performing penetration tests is a challenge. You'll then learn a variety of methods and techniques to evade security controls deployed at a target's endpoint. As you advance, you’ll script automated attacks using CORTANA and Armitage to aid penetration testing by developing virtual bots and discover how you can add custom functionalities in Armitage. Following real-world case studies, this book will take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit 5.0 framework. By the end of the book, you’ll have developed the skills you need to work confidently with efficient exploitation techniques
Table of Contents (17 chapters)
1
Section 1 – Preparation and Development
6
Section 2 – The Attack Phase
10
Section 3 – Post-Exploitation and Evasion

Summary

Throughout this chapter, we learned about AV evasion techniques using custom C encoders and decoders, and we used pyinstaller to generate Python Meterpreter executables. We bypassed the signature matching of IDS systems, and we also avoided Windows firewall blocked ports using the all-TCP-ports Meterpreter payload. The next chapter relies heavily on these techniques and will take a deep dive into Metasploit.