Goodreads helps you keep track of books you want to read.
Start by marking “Metasploit: The Penetration Tester's Guide” as Want to Read:
Metasploit: The Penetration Tester's Guide
Enlarge cover
Rate this book
Clear rating
Open Preview

Metasploit: The Penetration Tester's Guide

4.17 of 5 stars 4.17  ·  rating details  ·  280 ratings  ·  21 reviews
"The best guide to the Metasploit Framework." —HD Moore, Founder of the Metasploit ProjectThe Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills th ...more
Paperback, 328 pages
Published July 22nd 2011 by No Starch Press (first published May 15th 2011)
more details... edit details

Friend Reviews

To see what your friends thought of this book, please sign up.

Reader Q&A

To ask other readers questions about Metasploit, please sign up.

Be the first to ask a question about Metasploit

Community Reviews

(showing 1-30 of 902)
filter  |  sort: default (?)  |  rating details
Where to start? The Metasploit Framework (MSF) is a very popular penetration testing tool used by security professionals the world over. It was previously written in Perl but underwent a complete rewrite for version 3, where the developers switched the project to Ruby. The tool unifies the various stages of penetration testing in convenient interfaces (“msfconsole” for interactive use and “msfcli” for scripting purposes): information gathering and storage, exploit and payload configuration, IDS ...more
Eric Gragsone
I mainly picked this up for the chapter on the Social-Engineering Toolkit, but I felt much of the content for both SET and Metasploit was already well documented online ( But if you prefer serial content over hyperlinked, then this is a decent version.
Jason Loera
Although the principles within this book are still relevant and very helpful, the book is outdated and a revised version hasn't been published. An even newer version of Metasploit is being released at DEFCON 23 which will further make this book obsolete.
This book was great but it is quickly dated. A lot of the information is now online but that is ok its still a great place for a beginner to start.
Omar Chajia
for those who want to go deep in exploitation and hack like hugh jackman in swordfish movie
Kenneth Miller
Bought this with IASP scholarship money. Read it front to back, was not required by any class.
I have occasionally played Metasploit with friends and recently started playing at home, so this seemed like a good guide. The first chapter adds some interesting commentary to the storyline but can be skipped by those not completely interested in the thin plot. Other than that, this book is a standard walkthrough with some hints and easter eggs. My biggest complaint is that even after reading this book cover to cover, I'm still trying to figure out how to beat this game.
Pranshu Bajpai
Awesome book for anyone new to Metasploit framework. Also check out the Metasploit unleashed tutorials on official website.
A good introductory to the different ways of using Metasploit. Since I had already some previous experience using Metasploit my favorite chapters were the one covering usage of Meterpreter and how to create your own module or how to port your own exploits to Metasploit framework. In the end of the book there was also a nice chapter how to set up a small and vulnerable network for testing different attacks which I also found a good addition to the book.
Probably one of the best penetration testing books I have ever read. You will need basic linux knowledge and a backtrack distro to be able to get most of this book. It first teaches you the basics of Metasploit then you go deeper and deeper.

some of the commands are outdated however I am pretty sure a hacker like you can manage to get him/herself updated.

And remember: Hugs are always better than handshakes !!;-)
Nothing ...
it's the best book that's i ever read it .. it's open my eyes to sea everything that's i wasn't sea it before ..
i really enjoy to read all the book and i was so sad because the book is finish ! ..
and know i recommend every one to read this book to know how thing work and to sea the world in really life ..
thaks to u Devid kenndy FOR the writting the book and shared whit us !
Its too short, mostly novice tutorials.

Last chapters on exploit development / adapting side exploits for Metasploit Framework and scripting were best but still too thin.

This book is more like introduction articles on Metasploit / SET / Fast Track / etc. Such famous authors could write multiple thousand+ pages volumes on each topic for good I think.
Charles Bellefleur
This book serves as an excellent way to learn the Metasploit framework. Very clear and detailed information, well explained and a great structure makes it easy to follow and assimilate. Only chapter that could have been better is the "real-life example of a complete pen test".
This book is great for anyone trying to pick up advanced metasploit methodology. Great as a reference and for first timers that want a complete walk through.
Wolfgang Barthel
One of the best Metasploit books out there. It covers the basics but also some more advanced stuff very useful in my daily pentesting live out there :)
A fantastic resource. I think that if I worked in the field, I'd make this a book to reread regularly. Each time you'd pick out more useful details.
Richard Wall
Very informative book. I'm a system administrator and found the information very helpful when trying to secure a network from outside attack.
Great book but, it is outdated. For people wanting to read this book, I recommend reading the manual thats in Kali(new bt5).
Covers everything you need to know about the Metasploit framework. No more no less. I liked it.
Stephen Linderman
Its david kennedy you really can't say any thing else. Your going to get the best from the best.
Joe Visconti
A very technical book that can get you up and running on metasploit; if you are patient
Harle is currently reading it
Jul 29, 2015
Farhad marked it as to-read
Jul 29, 2015
Hamza marked it as to-read
Jul 28, 2015
Vaibhav Dubey
Vaibhav Dubey marked it as to-read
Jul 27, 2015
Gustavo Simon
Gustavo Simon is currently reading it
Jul 26, 2015
Duarte Quintela
Duarte Quintela marked it as to-read
Jul 23, 2015
« previous 1 3 4 5 6 7 8 9 30 31 next »
topics  posts  views  last activity   
Not understanding the Test Network 1 2 Dec 24, 2014 09:41AM  
  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
  • Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
  • The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
  • The Tangled Web: A Guide to Securing Modern Web Applications
  • The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
  • Gray Hat Hacking: The Ethical Hacker's Handbook
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response
  • Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
  • Reversing: Secrets of Reverse Engineering
  • The Shellcoder's Handbook: Discovering and Exploiting Security Holes
  • Hacking: The Art of Exploitation
  • The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
  • Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
  • A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security
  • Gray Hat Python: Python Programming for Hackers and Reverse Engineers
  • The Art of Software Security Assessment: Identifying and Avoiding Software Vulnerabilities
  • Backtrack 5 Wireless Penetration Testing Beginner's Guide
  • Counter Hack Reloaded: A Step-By-Step Guide to Computer Attacks and Effective Defenses

Goodreads is hiring!

If you like books and love to build cool products, we may be looking for you.
Learn more »

Share This Book