Название: Metasploit: The Penetration Tester's Guide, 2nd EditionАвтор: David Kennedy, Mati Aharoni, Devon Kearns, Jim O’Gorman, Daniel G. Graham
Издательство: No Starch Press
Год: 2025
Страниц: 288
Язык: английский
Формат: epub
Размер: 10.1 MB
The new and improved guide to penetration testing using the legendary Metasploit Framework. Metasploit: The Penetration Tester’s Guide has been the definitive security assessment resource for over a decade. The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless, but using it can be challenging for newcomers.
Metasploit isn’t just a tool; it’s an entire framework that provides the infrastructure needed to automate mundane, routine, and complex tasks. This automation allows you to concentrate on the specialized aspects of penetration testing and identify flaws within your information security program.
This book focuses on the Metasploit Framework. This open source platform provides a consistent, reliable library of constantly updated exploits and offers a complete development environment for building new tools and automating every aspect of a penetration test. The Metasploit Framework is an infamously volatile project; the code base is updated dozens of times every day by a core group of developers and submissions from hundreds of community contributors. Writing a book about the Framework is a masochistic endeavor; by the time that a given chapter has been proofread, the content may already be out of date. The authors took on the Herculean task of writing this book in such a way that the content will still be applicable by the time it reaches its readers.
The Metasploit team has been involved with this book to make sure that changes to the code are accurately reflected and that the final result is as close to zero-day coverage of the Metasploit Framework as is humanly possible. We can state with full confidence that it is the best guide to the Metasploit Framework available today, and it will likely remain so for a long time. We hope you find this book valuable in your work and an excellent reference in your trials ahead.
This book is designed to teach you the fundamentals of the Framework as well as advanced techniques in exploitation. Our goal is to provide a useful tutorial for the beginner and a reference for practitioners. However, we won’t always hold your hand. Programming knowledge is a definite advantage in the penetration testing field, and many of the examples in this book will use either the Ruby or Python programming language. Still, while we suggest that you learn a language to aid in advanced exploitation and customization of attacks, programming knowledge isn’t required.
Written by renowned ethical hackers and industry experts, this fully updated second edition includes:
Advanced Active Directory and cloud penetration testing
Modern evasion techniques and payload encoding
Malicious document generation for client-side exploitation
Coverage of recently added modules and commands Starting with Framework essentials—exploits, payloads, Meterpreter, and auxiliary modules—you’ll progress to advanced methodologies aligned with the Penetration Test Execution Standard (PTES). Through real-world examples and simulated penetration tests, you’ll
Conduct network reconnaissance and analyze vulnerabilities
Execute wireless network and social engineering attacks
Perform post-exploitation techniques, including privilege escalation
Develop custom modules in Ruby and port existing exploits
Use MSFvenom to evade detection
Скачать Metasploit: The Penetration Tester's Guide, 2nd Edition
[related-news] [/related-news]
Комментарии 0
Комментариев пока нет. Стань первым!