What do you think?
Rate this book
Mastering Metasploit
Key FeaturesGain the skills to carry out penetration testing in complex and highly-secured environmentsBecome a master using the Metasploit framework, develop exploits, and generate modules for a variety of real-world scenariosGet this completely updated edition with new useful methods and techniques to make your network robust and resilientBook DescriptionMetasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.
We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher, and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit.
In the next section, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework.
By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
What you will learnDevelop advanced and sophisticated auxiliary modulesPort exploits from PERL, Python, and many more programming languagesTest services such as databases, SCADA, and many moreAttack the client side with highly advanced techniquesTest mobile and tablet devices with MetasploitPerform social engineering with MetasploitPerform attacks on web servers and systems with Armitage GUIScript attacks in Armitage using CORTANA scriptingAbout the AuthorNipun Jaswal is an IT security business executive & a passionate IT security Researcher with more than 7 years of professional experience and possesses knowledge in all aspects of IT security testing and implementation with expertise in managing cross-cultural teams and planning the execution of security needs beyond national boundaries.
He is an M.tech in Computer Sciences and a thought leader who has contributed in raising the bar of understanding on cyber security and ethical hacking among students of many colleges and universities in India. He is a voracious public speaker, delivers speech on Improving IT Security, Insider Threat, Social Engineering, Wireless forensics, and Exploit writing. He is the author of numerous IT security articles with popular security magazines like Eforensics, Hakin9, and Security Kaizen etc. Many popular companies like Apple, Microsoft, AT&T, Offensive Security, Rapid7, Blackberry, Nokia, Zynga.com and many others have thanked him for finding vulnerabilities in their system. He has also been acknowledged with the Award of excellence from National cyber defense and research center (NCDRC) for his tremendous contributions to the IT security industry.
In his current profile, he leads team super specialists in cyber security to protect various clients from Cyber Security threats and network intrusion by providing necessary solutions and services. Please feel free to contact him via mail at mail@nipunjaswal.info
We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher, and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit.
In the next section, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework.
By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
What you will learnDevelop advanced and sophisticated auxiliary modulesPort exploits from PERL, Python, and many more programming languagesTest services such as databases, SCADA, and many moreAttack the client side with highly advanced techniquesTest mobile and tablet devices with MetasploitPerform social engineering with MetasploitPerform attacks on web servers and systems with Armitage GUIScript attacks in Armitage using CORTANA scriptingAbout the AuthorNipun Jaswal is an IT security business executive & a passionate IT security Researcher with more than 7 years of professional experience and possesses knowledge in all aspects of IT security testing and implementation with expertise in managing cross-cultural teams and planning the execution of security needs beyond national boundaries.
He is an M.tech in Computer Sciences and a thought leader who has contributed in raising the bar of understanding on cyber security and ethical hacking among students of many colleges and universities in India. He is a voracious public speaker, delivers speech on Improving IT Security, Insider Threat, Social Engineering, Wireless forensics, and Exploit writing. He is the author of numerous IT security articles with popular security magazines like Eforensics, Hakin9, and Security Kaizen etc. Many popular companies like Apple, Microsoft, AT&T, Offensive Security, Rapid7, Blackberry, Nokia, Zynga.com and many others have thanked him for finding vulnerabilities in their system. He has also been acknowledged with the Award of excellence from National cyber defense and research center (NCDRC) for his tremendous contributions to the IT security industry.
In his current profile, he leads team super specialists in cyber security to protect various clients from Cyber Security threats and network intrusion by providing necessary solutions and services. Please feel free to contact him via mail at mail@nipunjaswal.info
- GenresTechnologyHackers
535 pages, Kindle Edition
First published May 26, 2014
69 people are currently reading
94 people want to read
About the author
Nipun Jaswal
9 books4 followersNipun Jaswal is an International Cyber Security Author and an award-winning IT security researcher with a decade of experience in penetration testing, vulnerability assessments, surveillance and monitoring solutions, and RF and wireless hacking.
He has authored Metasploit Bootcamp, Mastering Metasploit, and Mastering Metasploit—Second Edition, and coauthored the Metasploit Revealed set of books. He has authored numerous articles and exploits that can be found on popular security databases, such as packet storm and exploit-db. Please feel free to contact him at @nipunjaswal.
He has authored Metasploit Bootcamp, Mastering Metasploit, and Mastering Metasploit—Second Edition, and coauthored the Metasploit Revealed set of books. He has authored numerous articles and exploits that can be found on popular security databases, such as packet storm and exploit-db. Please feel free to contact him at @nipunjaswal.
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 7 of 7 reviews
Currently reading
August 13, 2014Mastering Metasploit is the best book that all security professionals must read in order to get into the heart of Metasploit framework. The book covers all aspects of the framework including using the exploits, writing exploits and modules, understanding the architecture. It also covers practical examples to help readers achieve the best results.
This book is the first book that I have seen to explain under the hood of Metasploit. In order to be a good pentester one must not only focus on the usage of the tools, but also being able to write custom attacks, modules, scripts, etc.
The book can be useful for those who want to start with the framework and also security professionals that have used the Metasploit so far.
"You can purchase this book from the publishers Website with special discount"
This book is the first book that I have seen to explain under the hood of Metasploit. In order to be a good pentester one must not only focus on the usage of the tools, but also being able to write custom attacks, modules, scripts, etc.
The book can be useful for those who want to start with the framework and also security professionals that have used the Metasploit so far.
"You can purchase this book from the publishers Website with special discount"
August 17, 2014
This book takes you on a journey starting from the very begging.
On the first couple of pages it covers nmap target analysis, and exploitation of popular Windows systems.
It gives you a nice intro into the Ruby programming language - the language Metasploit is written in. Analysis of Metasploit code follows, naturally.
But that's not all. Far from it. Explanations on assembly, ports to pearl, web server exploitation, SCADA, SQL, VOIP, you name it. It's all there. Even social engineering.
And after all this, there is a chapter on optimizing code it already covered.
This is an excellent book, that I found very helpful. I would recommend it to anyone interested in security.
On the first couple of pages it covers nmap target analysis, and exploitation of popular Windows systems.
It gives you a nice intro into the Ruby programming language - the language Metasploit is written in. Analysis of Metasploit code follows, naturally.
But that's not all. Far from it. Explanations on assembly, ports to pearl, web server exploitation, SCADA, SQL, VOIP, you name it. It's all there. Even social engineering.
And after all this, there is a chapter on optimizing code it already covered.
This is an excellent book, that I found very helpful. I would recommend it to anyone interested in security.
July 23, 2014
I really enjoyed reading this book, it is very well organized and the chapters follow a logical scheme, clearly stating the objectives at the beginning.
After an introductory part, which describes in general how a penetration Testing should be conducted to adhere to the standard and achieve objective results, the book starts introducing you to Metasploit internals and focuses on the framework and what it offers to you to build your own tests and exploits.
It is not just a mere description of how Metasploit works, the aim of the author is to help you understand how to work with the software and how you can leverage what it offers in order to get full advantage of what it can do.
This objective is achieved explaining every aspect with an example and with some screenshot that help you understand what is going on with a step by step approach : this makes this book ideal also for teaching advanced techniques to a class of students.
The central part of the book then focuses on various techniques to test a rich set of systems ranging fom Scada, to Windows, to web and Database servers.
Other interesting arguments covered are the advanced client-side attacks and the social engineering toolkit.
Finally, the last part of the book gives you many tips to enhance your working environment to speed up the tests and teaches you how you can work even more easily with Armitage, taking advantage of its scripting language Cortana.
To sum up, this is really a must have book if you want to learn a professional approach to penetration testing, to become very proficient using Metasploit and other useful tools used to perform and explain various attack techniques and find useful hints and tips on how to plan and perform penetration testing in various scenarios in a quick and effective manner.
Read more on this book on Packt website
After an introductory part, which describes in general how a penetration Testing should be conducted to adhere to the standard and achieve objective results, the book starts introducing you to Metasploit internals and focuses on the framework and what it offers to you to build your own tests and exploits.
It is not just a mere description of how Metasploit works, the aim of the author is to help you understand how to work with the software and how you can leverage what it offers in order to get full advantage of what it can do.
This objective is achieved explaining every aspect with an example and with some screenshot that help you understand what is going on with a step by step approach : this makes this book ideal also for teaching advanced techniques to a class of students.
The central part of the book then focuses on various techniques to test a rich set of systems ranging fom Scada, to Windows, to web and Database servers.
Other interesting arguments covered are the advanced client-side attacks and the social engineering toolkit.
Finally, the last part of the book gives you many tips to enhance your working environment to speed up the tests and teaches you how you can work even more easily with Armitage, taking advantage of its scripting language Cortana.
To sum up, this is really a must have book if you want to learn a professional approach to penetration testing, to become very proficient using Metasploit and other useful tools used to perform and explain various attack techniques and find useful hints and tips on how to plan and perform penetration testing in various scenarios in a quick and effective manner.
Read more on this book on Packt website
August 11, 2014
I was thoroughly impressed with the contents of this book. I have read other books on Metasploit and did not find them to go far beyond the basics, whereas Nipun Jaswal's "Mastering Metasploit" goes way beyond the basics. This book was written so even a beginner could understand, however what makes this book stand out is the focus on advanced techniques and clearly written examples. It was written logically and methodically and the objectives were clearly stated from the beginning. I would recommend this book to anybody that uses Metasploit and wants to master it.
July 25, 2014
The Book is Great in All perspectives. Author has kept each and every thing in detail. the beat part about this book is that it starts where most of the books stop.
Pros:
1. Exploit Development in detail
2. Coverage of Cortana
3. Module Building in detail
4. Voip, Db and scada coverage
5. Too many exploits to deal with
Cons:
1. Didnt found any, Overall extremely happy with the purchase
Pros:
1. Exploit Development in detail
2. Coverage of Cortana
3. Module Building in detail
4. Voip, Db and scada coverage
5. Too many exploits to deal with
Cons:
1. Didnt found any, Overall extremely happy with the purchase
March 3, 2018
This is a very good book. Unlike other books about Metasploit, this one even teaches about exploit development in one of its chapters. Highly recommended.
July 14, 2020
Good to read
This book is read be come it teach you how much the good to to test your knowledge about. Computer get hack and it test your skills level go Kali Linux
This book is read be come it teach you how much the good to to test your knowledge about. Computer get hack and it test your skills level go Kali Linux
Displaying 1 - 7 of 7 reviews