Metasploit The Penetration Tester's Guide

ISBN-10: 159327288X

ISBN-13: 9781593272883

Edition: 2011

Authors: David Kennedy, Jim O'Gorman, Devon Kearns, Mati Aharoni

List price: $49.95

Book details

Copyright year: 2011
Publisher: No Starch Press, Incorporated
Publication date: 7/15/2011
Binding: Paperback
Pages: 328
Size: 7.05" wide x 9.17" long x 1.06" tall
Weight: 1.804
Language: English

David Kennedy is Chief Information Security Officer at Diebold Incorporated and creator of the Social-Engineer Toolkit (SET), Fast-Track, and other open source tools. He is on the BackTrack and Exploit-Database development team and is a core member of the Social-Engineer podcast and framework. Kennedy has presented at a number of security conferences including Black Hat, DEF CON, ShmooCon, Security B-Sides, and more.

Jim O'Gorman is a professional penetration tester with CSC's StrikeForce, a co-founder of Social-Engineer.org, and an instructor at Offensive-Security. He is involved in digital investigations and malware analysis, and helped build forensic capabilities into BackTrack Linux. When not working on various security issues, Jim spends his time assisting his children in their attempts to fight Zombie hordes.

Devon Kearns is an instructor at Offensive-Security, a BackTrack Linux developer, and administrator of The Exploit Database. He has contributed a number of Metasploit exploit modules and is the maintainer of the Metasploit Unleashed wiki.

Mati Aharoni is the creator of the BackTrack Linux distribution and founder of Offensive-Security, the industry leader in security training.

Foreword
Preface
Acknowledgments
Special Thanks
Introduction
Why Do a Penetration Test?
Why Metasploit?
A Brief History of Metasploit
About This Book
What's in the Book?
A Note on Ethics
The Absolute Basics of Penetration Testing
The Phases of the PTES
Types of Penetration Tests
Vulnerability Scanners
Pulling It All Together
Metasploit Basics
Terminology
Metasploit Interfaces
Metasploit Utilities
Metasploit Express and Metasploit Pro
Wrapping Up
Intelligence Gathering
Passive Information Gathering
Active Information Gathering
Targeted Scanning
Writing a Custom Scanner
Looking Ahead
Vulnerability Scanning
The Basic Vulnerability Scan
Scanning with NeXpose
Scanning with Nessus
Specialty Vulnerability Scanners
Using Scan Results for Autopwning
The Joy of Exploitation
Basic Exploitation
Exploiting Your First Machine
Exploiting an Ubuntu Machine
All-Ports Payloads: Brute Forcing Ports
Resource Files
Wrapping Up
Meterpreter
Compromising a Windows XP Virtual Machine
Dumping Usernames and Passwords
Pass the Hash
Privilege Escalation
Token Impersonation
Using ps
Pivoting onto Other Systems
Using Meterpreter Scripts
Leveraging Post Exploitation Modules
Upgrading Your Command Shell to Meterpreter
Manipulating Windows APIs with the Railgun Add-On
Wrapping Up
Avoiding Detection
Creating Stand-Alone Binaries with MSFpayload
Evading Antivirus Detection
Custom Executable Templates
Launching a Payload Stealthily
Packers
A Final Note on Antivirus Software Evasion
Exploitation Using Client-Side Attacks
Browser-Based Exploits
Using Immunity Debugger to Decipher NOP Shellcode
Exploring the Internet Explorer Aurora Exploit
File Format Exploits
Sending the Payload
Wrapping Up
Metasploit Auxiliary Modules
Auxiliary Modules in Use
Anatomy of an Auxiliary Module
Going Forward
The Social-Engineer Toolkit
Configuring the Social-Engineer Toolkit
Spear-Phishing Attack Vector
Web Attack Vectors
Infectious Media Generator
Teensy USB HID Attack Vector
Additional SET Features
Looking Ahead
Fast-Track
Microsoft SQL Injection
Binary-to-Hex Generator
Mass Client-Side Attack
A Few Words About Automation
Karmetasploit
Configuration
Launching the Attack
Credential Harvesting
Getting a Shell
Wrapping Up
Building Your Own Module
Getting Command Execution on Microsoft SQL
Exploring an Existing Metasploit Module
Creating a New Module
The Power of Code Reuse
Creating Your Own Exploits
The Art of Fuzzing
Controlling the Structured Exception Handler
Hopping Around SEH Restrictions
Getting a Return Address
Bad Characters and Remote Code Execution
Wrapping Up
Porting Exploits to the Metasploit Framework
Assembly Language Basics
Porting a Buffer Overflow
SEH Overwrite Exploit
Wrapping Up
Meterpreter Scripting
Meterpreter Scripting Basics
Meterpreter API
Rules for Writing Meterpreter Scripts
Creating Your Own Meterpreter Script
Wrapping Up
Simulated Penetration Test
Pre-engagement Interactions
Intelligence Gathering
Threat Modeling
Exploitation
Customizing MSFconsole
Post Exploitation
Attacking Apache Tomcat
Attacking Obscure Services
Covering Your Tracks
Wrapping Up
Configuring Your Target Machines
Installing and Setting Up the System
Booting Up the Linux Virtual Machines
Setting Up a Vulnerable Windows XP Installation
Cheat Sheet
MSFconsole Commands
Meterpreter Commands
MSFpayload Commands
MSFencode Commands
MSFcli Commands
MSF, Ninja, Fu
MSFvenom
Meterpreter Post Exploitation Commands
Colophon
Updates