Just completed my review copy of this book, and I must say, I was completely disappointed with it. Allow me to explain.
First off, I thought (from the title) that this would be a book on weaponizing custom exploits within the Metasploit Framework. When I finally got to chapter twelve, there was a small portion on how to start writing your own, but nothing that I had hoped for.
I then thought that my expectations of the book were the issue. I went to the publisher's site and saw the following highlights of the book:
1. Step-by-step instructions to learn exploit development with Metasploit, along with crucial aspects of client-side exploitation to secure against unauthorized access and defend vulnerabilities
2. This book contains the latest exploits tested on new operating systems and also covers the concept of hacking recent network topologies
3. This tutorial encourages you to really think out of the box and test your ability to beat the vulnerabilities when the chances appear slim
This did not help my frustrations at all. Let's take a look at each of those more in-depth:
#1 - The key word phrase here (at least to me) was 'exploit development'. This is not the case at all. This book will teach you the basics and some of the common functions of Metasploit. That's pretty much it. If you're looking for a book to create custom Metasploit modules, this book isn't for you.
#2 - Latest exploits tested on new operating systems: I am going to have to disagree. Here's the opening paragraph of chapter one.
"In this chapter we are going to demonstrate the complete lab setup needed for the practical, hands-on working experience with this book. To set up the lab we need three things: Oracle VM VirtualBox, Microsoft Windows XP SP2, and BackTrack 5 R2."
XP SP2? Really? SP2 was released in fall of 2004. BT5R2... the release before the last release of a dead Linux distribution.
#3 - Um... Ok. All successful pentesters do.
Overall, I was completely disappointed with this book. I think the publisher will avoid frustrated readers by changing the title of the book-- something like "Exploitation With Metasploit - Beginners Guide" or something along those lines.
That being said-- if you're completely new to Metasploit and want to get a good foundation on how it works and what you can do with it, this book will serve you well.