Metasploit Penetration Testing Cookbook, 2nd Edition

Book Description

Metasploit software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments. Capabilities include smart exploitation, password auditing, web application scanning, and social engineering. Teams can collaborate in Metasploit and present their findings in consolidated reports. The goal of the software is to provide a clear understanding of the critical vulnerabilities in any environment and to manage those risks.

Metasploit Penetration Testing Cookbook, Second Edition contains chapters that are logically arranged with an increasing level of complexity and thoroughly covers some aspects of Metasploit, ranging from pre-exploitation to the post-exploitation phase. This book is an update from version 4.0 to version 4.5. It covers the detailed penetration testing techniques for different specializations like wireless networks, VOIP systems, and the cloud.

Metasploit Penetration Testing Cookbook, Second Edition covers a number of topics which were not part of the first edition. You will learn how to penetrate an operating system (Windows 8 penetration testing) to the penetration of a wireless network, VoIP network, and then to cloud.

The book starts with the basics, such as gathering information about your target, and then develops to cover advanced topics like building your own framework scripts and modules. The book goes deep into operating-systems-based penetration testing techniques and moves ahead with client-based exploitation methodologies. In the post-exploitation phase, it covers meterpreter, antivirus bypass, ruby wonders, exploit building, porting exploits to the framework, and penetration testing, while dealing with VOIP, wireless networks, and cloud computing.

This book will help readers to think from a hacker’s perspective to dig out the flaws in target networks and also to leverage the powers of Metasploit to compromise them. It will take your penetration skills to the next level.

What you will learn from this book

Set up a complete penetration testing environment using Metasploit and virtual machines
Discover how to penetration test popular operating systems such as Windows 8
Get familiar with penetration testing based on client side exploitation techniques with detailed analysis of vulnerabilities and codes
Build and analyze meterpreter scripts in Ruby
Learn penetration testing in VOIP, WLAN, and the cloud from start to finish including information gathering, vulnerability assessment, exploitation, and privilege escalation
Make the most of the exclusive coverage of antivirus bypassing techniques using Metasploit
Work with BBQSQL to analyze the stored results of the database

Approach
This book follows a Cookbook style with recipes explaining the steps for penetration testing with WLAN, VOIP, and even cloud computing. There is plenty of code and commands used to make your learning curve easy and quick.

Who this book is for
This book targets both professional penetration testers as well as new users of Metasploit, who wish to gain expertise over the framework and learn an additional skill of penetration testing, not limited to a particular OS. The book requires basic knowledge of scanning, exploitation, and the Ruby language.