Metasploit Penetration Testing Cookbook : Over 80 Recipes to Master the Most Widely Used Penetration Testing Framework /: Over 80 Recipes to Master the Most Widely Used Penetration Testing Framework. (2013)
- Record Type:
- Book
- Title:
- Metasploit Penetration Testing Cookbook : Over 80 Recipes to Master the Most Widely Used Penetration Testing Framework /: Over 80 Recipes to Master the Most Widely Used Penetration Testing Framework. (2013)
- Main Title:
- Metasploit Penetration Testing Cookbook : Over 80 Recipes to Master the Most Widely Used Penetration Testing Framework
- Further Information:
- Note: Monika Agarwal, Abhinav Singh.
- Other Names:
- Agarwal, Monika
Singh, Abhinav - Contents:
- Copyright; Credits; About the Authors; About the Reviewers; www.PacktPub.com; Table of Contents; Cover; Preface; Chapter 1: Metasploit Quick Tips for Security Professionals; Introduction; Configuring Metasploit on Windows; Configuring Metasploit on Ubuntu; Installing Metasploit with BackTrack 5 R3; Setting up penetration testing using VMware; Setting up Metasploit on a virtual machine with SSH connectivity; Installing and configuring PostgreSQL in BackTrack 5 R3; Using the database to store the penetration testing results; Working with BBQSQL; Chapter 2: Information Gathering and Scanning. IntroductionPassive information gathering; Port scanning -- the Nmap way; Port scanning -- the DNmap way; Using keimpx -- an SMB credentials scanner; Detecting SSH versions with the SSH version scanner; FTP scanning; SNMP sweeping; Vulnerability scanning with Nessus; Scanning with NeXpose; Working with OpenVAS -- a vulnerability scanner; Chapter 3: Operating-System-based Vulnerability Assessment; Introduction; Penetration testing on a Windows XP SP2 machine; Binding a shell to the target for remote access; Penetration testing on Windows 8; Exploiting a Linux (Ubuntu) machine. Understanding the Windows DLL injection flawsChapter 4: Client-side Exploitation and Antivirus Bypass; Introduction; Exploiting Internet Explorer execCommand Use-After-Free vulnerability; Understanding Adobe Flash Player ""new function"" invalid pointer use; Understanding Microsoft Word RTF stack buffer overflow;Copyright; Credits; About the Authors; About the Reviewers; www.PacktPub.com; Table of Contents; Cover; Preface; Chapter 1: Metasploit Quick Tips for Security Professionals; Introduction; Configuring Metasploit on Windows; Configuring Metasploit on Ubuntu; Installing Metasploit with BackTrack 5 R3; Setting up penetration testing using VMware; Setting up Metasploit on a virtual machine with SSH connectivity; Installing and configuring PostgreSQL in BackTrack 5 R3; Using the database to store the penetration testing results; Working with BBQSQL; Chapter 2: Information Gathering and Scanning. IntroductionPassive information gathering; Port scanning -- the Nmap way; Port scanning -- the DNmap way; Using keimpx -- an SMB credentials scanner; Detecting SSH versions with the SSH version scanner; FTP scanning; SNMP sweeping; Vulnerability scanning with Nessus; Scanning with NeXpose; Working with OpenVAS -- a vulnerability scanner; Chapter 3: Operating-System-based Vulnerability Assessment; Introduction; Penetration testing on a Windows XP SP2 machine; Binding a shell to the target for remote access; Penetration testing on Windows 8; Exploiting a Linux (Ubuntu) machine. Understanding the Windows DLL injection flawsChapter 4: Client-side Exploitation and Antivirus Bypass; Introduction; Exploiting Internet Explorer execCommand Use-After-Free vulnerability; Understanding Adobe Flash Player ""new function"" invalid pointer use; Understanding Microsoft Word RTF stack buffer overflow; Working with Adobe Reader U3D Memory Corruption; Generating binary and shell code from msfpayload; Msfencoding schemes with the detection ratio; Using the killav.rb script to disable the antivirus programs; Killing the antiviruses' services from the command line. Working with the syringe utilityChapter 5: Working with Modules for Penetration Testing; Introduction; Working with scanner auxiliary modules; Working with auxiliary admin modules; SQL injection and DoS attack module; Post-exploitation modules; Understanding the basics of module building; Analyzing an existing module; Building your own post-exploitation module; Chapter 6: Exploring Exploits; Introduction; Exploiting the module structure; Working with msfvenom; Converting an exploit to a Metasploit module; Porting and testing the new exploit module; Fuzzing with Metasploit. Writing a simple FileZilla FTP fuzzerChapter 7: VoIP Penetration Testing; Introduction; Scanning and enumeration phase; Yielding passwords; VLAN hopping; VoIP MAC spoofing; Impersonation attack; DoS attack; Chapter 8: Wireless Network Penetration Testing; Introduction; Setting up and running Fern WiFi Cracker; Sniffing interfaces with tcpdump; Cracking WEP and WPA with Fern WiFi Cracker; Session hijacking via a MAC address; Locating a target's geolocation; Understanding an evil twin attack; Configuring Karmetasploit; Chapter 9: Social-Engineer Toolkit; Introduction. … (more)
- Edition:
- Second edition
- Publisher Details:
- Birmingham, UK : Packt Publishing
- Publication Date:
- 2013
- Extent:
- 1 online resource (iv, 306 pages), illustrations
- Subjects:
- 005.8
COMPUTERS -- Security -- General
Computers -- Access control
Penetration testing (Computer security)
Computer networks -- Security measures -- Testing
COMPUTERS -- Internet -- Security
COMPUTERS -- Networking -- Security
Electronic books
Electronic books - Languages:
- English
- ISBNs:
- 9781461949329
1461949327
9781782166795
1782166793
9781782166788
1782166785 - Notes:
- Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD.DS.86742
- Ingest File:
- 01_064.xml