Mastering Metasploit. With this tutorial you can improve your Metasploit skills and learn to put your network’s defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert
- Autor:
- Nipun Jaswal
- Ocena:
- Bądź pierwszym, który oceni tę książkę
- Stron:
- 378
- Dostępne formaty:
-
PDFePubMobi
Opis ebooka: Mastering Metasploit. With this tutorial you can improve your Metasploit skills and learn to put your network’s defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert
Wybrane bestsellery
-
Jeśli masz już pewne umiejętności pentestera, dzięki tej książce poszerzysz swoją wiedzę o zaawansowanych narzędziach dostępnych w Kali Linux, a także nauczysz się wyrafinowanych taktyk stosowanych przez prawdziwych hakerów do atakowania sieci komputerowych. Omówiono tu różne sposoby instalowania...
Kali Linux i zaawansowane testy penetracyjne. Zostań ekspertem cyberbezpieczeństwa za pomocą Metasploit, Nmap, Wireshark i Burp Suite. Wydanie IV Kali Linux i zaawansowane testy penetracyjne. Zostań ekspertem cyberbezpieczeństwa za pomocą Metasploit, Nmap, Wireshark i Burp Suite. Wydanie IV
(59.40 zł najniższa cena z 30 dni)69.30 zł
99.00 zł(-30%) -
W sieci zabezpieczeń, które stworzyliśmy dla ochrony naszych danych, najsłabszym elementem jest zawsze czynnik ludzki. Hackerzy, zarówno etyczni, jak i nie, korzystają z wachlarza sztuczek opierających na „hackowaniu osobistym” i pozwalających przekonać innych do ujawnienia haseł, prz...
Socjotechnika. Sztuka zdobywania władzy nad umysłami. Wydanie II Socjotechnika. Sztuka zdobywania władzy nad umysłami. Wydanie II
(35.40 zł najniższa cena z 30 dni)41.30 zł
59.00 zł(-30%) -
Dzięki tej książce poznasz sprawdzone techniki pokonywania mechanizmów obronnych różnych systemów za pomocą narzędzi dostępnych w Kali Linux. Dowiesz się, jak wybrać najbardziej efektywne rozwiązania, nauczysz się szybkiego skanowania sieci w poszukiwaniu luk w systemie zabezpieczeń, aż w końcu b...
Kali Linux. Testy penetracyjne i bezpieczeństwo sieci dla zaawansowanych. Wydanie II Kali Linux. Testy penetracyjne i bezpieczeństwo sieci dla zaawansowanych. Wydanie II
(24.90 zł najniższa cena z 30 dni)34.50 zł
69.00 zł(-50%) -
Designed for security professionals and aspiring pentesters, this book equips you with the skills and knowledge to exploit vulnerabilities, gain access, and navigate post-exploitation scenarios across diverse platforms.
PowerShell for Penetration Testing. Explore the capabilities of PowerShell for pentesters across multiple platforms PowerShell for Penetration Testing. Explore the capabilities of PowerShell for pentesters across multiple platforms
(100.08 zł najniższa cena z 30 dni) -
Burp Suite is an immensely powerful and popular tool for web application security testing. This book provides a collection of recipes that address vulnerabilities in web applications and APIs. It offers guidance on how to configure Burp Suite, make the most of its tools, and explore into its exte...
Burp Suite Cookbook. Web application security made easy with Burp Suite - Second Edition Burp Suite Cookbook. Web application security made easy with Burp Suite - Second Edition
-
This hands-on guide will help you design and build a variety of penetration testing labs that mimic modern cloud environments running on AWS, Azure, and GCP. In addition to these, you will explore a number of practical strategies on how to manage the complexity, cost, and security risks involved ...
Building and Automating Penetration Testing Labs in the Cloud. Set up cost-effective hacking environments for learning cloud security on AWS, Azure, and GCP Building and Automating Penetration Testing Labs in the Cloud. Set up cost-effective hacking environments for learning cloud security on AWS, Azure, and GCP
-
Ta książka jest praktycznym i wyczerpującym przewodnikiem, dzięki któremu w pełni wykorzystasz możliwości Kali Linux. Opisano w niej wiele interesujących zagadnień związanych z przeprowadzaniem testów penetracyjnych. Dowiesz się, jak zbudować nowoczesne środowisko testowe z użyciem kontenerów Doc...(59.40 zł najniższa cena z 30 dni)
69.30 zł
99.00 zł(-30%) -
Shellcode is code that is used to execute a command within software memory to take control of or exploit a target computer. Offensive Shellcode from Scratch helps you to understand what shellcode is, along with its components, the tools used to build shellcode, and how shellcode can be used withi...
Offensive Shellcode from Scratch. Get to grips with shellcode countermeasures and discover how to bypass them Offensive Shellcode from Scratch. Get to grips with shellcode countermeasures and discover how to bypass them
-
Wraz z rozwojem internetu rzeczy, a także upowszechnianiem się elektronicznego sterowania i kontrolowania różnych procesów przestępcy doskonalą techniki łamania zabezpieczeń systemów wbudowanych. Konsekwencje skutecznego ataku na jakiś kluczowy element infrastruktury mogą się okazać dotkliwe i ni...
Hardware i testy penetracyjne. Przewodnik po metodach ataku i obrony Hardware i testy penetracyjne. Przewodnik po metodach ataku i obrony
(47.40 zł najniższa cena z 30 dni)55.30 zł
79.00 zł(-30%)
O autorze ebooka
Nipun Jaswal - pozostałe książki
-
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself for the attacks you will face every day by simulating real-world possibilities.
Mastering Metasploit. Exploit systems, cover your tracks, and bypass security controls with the Metasploit 5.0 framework - Fourth Edition Mastering Metasploit. Exploit systems, cover your tracks, and bypass security controls with the Metasploit 5.0 framework - Fourth Edition
-
This Learning Path is your one-stop solution to learn everything that is required to validate your complex system with penetration testing. Starting with the architecture of the Metasploit framework, this Learning Path shows how to leverage the many features and functionalities of Metasploit to p...
The Complete Metasploit Guide. Explore effective penetration testing techniques with Metasploit The Complete Metasploit Guide. Explore effective penetration testing techniques with Metasploit
-
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself for the attacks you will face every day by simulating real-world possibilities.
Mastering Metasploit. Take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit - Third Edition Mastering Metasploit. Take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit - Third Edition
-
In the era of network attacks and malware threat, it becomes important to have skills to investigate the attack evidence and vulnerabilities prevailing in the network. This book focuses on how to acquire and analyze the evidence, write a report and use the common tools in network forensics.
Hands-On Network Forensics. Investigate network attacks and find evidence using common network forensic tools Hands-On Network Forensics. Investigate network attacks and find evidence using common network forensic tools
-
Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection...
Metasploit Penetration Testing Cookbook. Evade antiviruses, bypass firewalls, and exploit complex environments with the most widely used penetration testing framework - Third Edition Metasploit Penetration Testing Cookbook. Evade antiviruses, bypass firewalls, and exploit complex environments with the most widely used penetration testing framework - Third Edition
Daniel Teixeira, Abhinav Singh, Nipun Jaswal, Monika Agarwal
-
: Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.
Metasploit Revealed: Secrets of the Expert Pentester. Build your defense against complex attacks Metasploit Revealed: Secrets of the Expert Pentester. Build your defense against complex attacks
-
Metasploit Bootcamp will enable readers to gain hands-on knowledge on Penetration testing with Metasploit in various environments using a boot camp style approach. The readers will learn about Scanning, fingerprinting and exploiting different software. They will also learn about testing on servic...
Metasploit Bootcamp. The fastest way to learn Metasploit Metasploit Bootcamp. The fastest way to learn Metasploit
-
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.We start by reminding you about the basic function...
Mastering Metasploit. Discover the next level of network defense with the Metasploit framework - Second Edition Mastering Metasploit. Discover the next level of network defense with the Metasploit framework - Second Edition
Ebooka "Mastering Metasploit. With this tutorial you can improve your Metasploit skills and learn to put your network’s defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert" przeczytasz na:
-
czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
-
systemach Windows, MacOS i innych
-
systemach Windows, Android, iOS, HarmonyOS
-
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi
Masz pytania? Zajrzyj do zakładki Pomoc »
Audiobooka "Mastering Metasploit. With this tutorial you can improve your Metasploit skills and learn to put your network’s defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert" posłuchasz:
-
w aplikacji Ebookpoint na Android, iOS, HarmonyOs
-
na systemach Windows, MacOS i innych
-
na dowolnych urządzeniach i aplikacjach obsługujących format MP3 (pliki spakowane w ZIP)
Masz pytania? Zajrzyj do zakładki Pomoc »
Kurs Video "Mastering Metasploit. With this tutorial you can improve your Metasploit skills and learn to put your network’s defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert" zobaczysz:
-
w aplikacjach Ebookpoint i Videopoint na Android, iOS, HarmonyOs
-
na systemach Windows, MacOS i innych z dostępem do najnowszej wersji Twojej przeglądarki internetowej
Szczegóły ebooka
- Tytuł oryginału:
- Mastering Metasploit. With this tutorial you can improve your Metasploit skills and learn to put your network’s defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert.
- ISBN Ebooka:
- 978-17-821-6223-0, 9781782162230
- Data wydania ebooka:
- 2014-05-26 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
- Język publikacji:
- angielski
- Rozmiar pliku Pdf:
- 14.1MB
- Rozmiar pliku ePub:
- 30.3MB
- Rozmiar pliku Mobi:
- 44.1MB
Spis treści ebooka
- Mastering Metasploit
- Table of Contents
- Mastering Metasploit
- Credits
- About the Author
- About the Reviewers
- www.PacktPub.com
- Support files, eBooks, discount offers, and more
- Why subscribe?
- Free access for Packt account holders
- Support files, eBooks, discount offers, and more
- Preface
- What this book covers
- What you need for this book
- Who this book is for
- Conventions
- Reader feedback
- Customer support
- Errata
- Piracy
- Questions
- 1. Approaching a Penetration Test Using Metasploit
- Setting up the environment
- Preinteractions
- Intelligence gathering / reconnaissance phase
- Presensing the test grounds
- Modeling threats
- Vulnerability analysis
- Exploitation and post-exploitation
- Reporting
- Setting up the environment
- Mounting the environment
- Setting up the penetration test lab
- The fundamentals of Metasploit
- Configuring Metasploit on different environments
- Configuring Metasploit on Windows XP/7
- Configuring Metasploit on Ubuntu
- Dealing with error states
- Errors in the Windows-based installation
- Errors in the Linux-based installation
- Conducting a penetration test with Metasploit
- Recalling the basics of Metasploit
- Penetration testing Windows XP
- Assumptions
- Gathering intelligence
- Modeling threats
- Vulnerability analysis
- The attack procedure with respect to the NETAPI vulnerability
- The concept of attack
- The procedure of exploiting a vulnerability
- Exploitation and post-exploitation
- Maintaining access
- Clearing tracks
- Penetration testing Windows Server 2003
- Penetration testing Windows 7
- Gathering intelligence
- Modeling threats
- Vulnerability analysis
- The exploitation procedure
- Exploitation and post-exploitation
- Using the database to store and fetch results
- Generating reports
- The dominance of Metasploit
- Open source
- Support for testing large networks and easy naming conventions
- Smart payload generation and switching mechanism
- Cleaner exits
- The GUI environment
- Summary
- 2. Reinventing Metasploit
- Ruby the heart of Metasploit
- Creating your first Ruby program
- Interacting with the Ruby shell
- Defining methods in the shell
- Creating your first Ruby program
- Variables and data types in Ruby
- Working with strings
- The split function
- The squeeze function
- Numbers and conversions in Ruby
- Ranges in Ruby
- Arrays in Ruby
- Ruby the heart of Metasploit
- Methods in Ruby
- Decision-making operators
- Loops in Ruby
- Regular expressions
- Wrapping up with Ruby basics
- Developing custom modules
- Building a module in a nutshell
- The architecture of the Metasploit framework
- Understanding the libraries layout
- Building a module in a nutshell
- Understanding the existing modules
- Writing out a custom FTP scanner module
- Writing out a custom HTTP server scanner
- Writing out post-exploitation modules
- Breakthrough meterpreter scripting
- Essentials of meterpreter scripting
- Pivoting the target network
- Setting up persistent access
- API calls and mixins
- Fabricating custom meterpreter scripts
- Working with RailGun
- Interactive Ruby shell basics
- Understanding RailGun and its scripting
- Manipulating Windows API calls
- Fabricating sophisticated RailGun scripts
- Summary
- 3. The Exploit Formulation Process
- The elemental assembly primer
- The basics
- Architectures
- System organization basics
- Registers
- Gravity of EIP
- Gravity of ESP
- Relevance of NOPs and JMP
- Variables and declaration
- Fabricating example assembly programs
- The elemental assembly primer
- The joy of fuzzing
- Crashing the application
- Variable input supplies
- Generating junk
- An introduction to Immunity Debugger
- An introduction to GDB
- Building up the exploit base
- Calculating the buffer size
- Calculating the JMP address
- Examining the EIP
- The script
- Stuffing applications for fun and profit
- Examining ESP
- Stuffing the space
- Finalizing the exploit
- Determining bad characters
- Determining space limitations
- Fabricating under Metasploit
- Automation functions in Metasploit
- The fundamentals of a structured exception handler
- Controlling SEH
- Bypassing SEH
- SEH-based exploits
- Summary
- 4. Porting Exploits
- Porting a Perl-based exploit
- Dismantling the existing exploit
- Understanding the logic of exploitation
- Gathering the essentials
- Dismantling the existing exploit
- Generating a skeleton for the exploit
- Generating a skeleton using Immunity Debugger
- Stuffing the values
- Precluding the ShellCode
- Experimenting with the exploit
- Porting a Perl-based exploit
- Porting a Python-based exploit
- Dismantling the existing exploit
- Gathering the essentials
- Generating a skeleton
- Stuffing the values
- Experimenting with the exploit
- Porting a web-based exploit
- Dismantling the existing exploit
- Gathering the essentials
- Grasping the important web functions
- The essentials of the GET/POST method
- Fabricating an auxiliary-based exploit
- Working and explanation
- Experimenting with the auxiliary exploit
- Summary
- 5. Offstage Access to Testing Services
- The fundamentals of SCADA
- The fundamentals of ICS and its components
- The seriousness of ICS-SCADA
- The fundamentals of SCADA
- SCADA torn apart
- The fundamentals of testing SCADA
- SCADA-based exploits
- Securing SCADA
- Implementing secure SCADA
- Restricting networks
- Database exploitation
- SQL server
- FootPrinting SQL server with Nmap
- Scanning with Metasploit modules
- Brute forcing passwords
- Locating/capturing server passwords
- Browsing SQL server
- Post-exploiting/executing system commands
- Reloading the xp_cmdshell functionality
- Running SQL-based queries
- VOIP exploitation
- VOIP fundamentals
- An introduction to PBX
- Types of VOIP services
- Self-hosted network
- Hosted services
- SIP service providers
- VOIP fundamentals
- FootPrinting VOIP services
- Scanning VOIP services
- Spoofing a VOIP call
- Exploiting VOIP
- About the vulnerability
- Exploiting the application
- Post-exploitation on Apple iDevices
- Exploiting iOS with Metasploit
- Summary
- 6. Virtual Test Grounds and Staging
- Performing a white box penetration test
- Interaction with the employees and end users
- Gathering intelligence
- Explaining the fundamentals of the OpenVAS vulnerability scanner
- Setting up OpenVAS
- Greenbone interfaces for OpenVAS
- Modeling the threat areas
- Targeting suspected vulnerability prone systems
- Gaining access
- Covering tracks
- Introducing MagicTree
- Other reporting services
- Performing a white box penetration test
- Generating manual reports
- The format of the report
- The executive summary
- Methodology / network admin level report
- Additional sections
- The format of the report
- Performing a black box penetration test
- FootPrinting
- Using Dmitry for FootPrinting
- WHOIS details and information
- Finding out subdomains
- E-mail harvesting
- DNS enumeration with Metasploit
- Using Dmitry for FootPrinting
- FootPrinting
- Conducting a black box test with Metasploit
- Pivoting to the target
- Scanning the hidden target using proxychains and db_nmap
- Conducting vulnerability scanning using Nessus
- Exploiting the hidden target
- Elevating privileges
- Summary
- 7. Sophisticated Client-side Attacks
- Exploiting browsers
- The workings of the browser autopwn attack
- The technology behind the attack
- Attacking browsers with Metasploit browser autopwn
- The workings of the browser autopwn attack
- Exploiting browsers
- File format-based exploitation
- PDF-based exploits
- Word-based exploits
- Media-based exploits
- Compromising XAMPP servers
- The PHP meterpreter
- Escalating to system-level privileges
- Compromising the clients of a website
- Injecting the malicious web scripts
- Hacking the users of a website
- Bypassing AV detections
- msfencode
- msfvenom
- Cautions while using encoders
- Conjunction with DNS spoofing
- Tricking victims with DNS hijacking
- Attacking Linux with malicious packages
- Summary
- 8. The Social Engineering Toolkit
- Explaining the fundamentals of the social engineering toolkit
- The attack types
- Explaining the fundamentals of the social engineering toolkit
- Attacking with SET
- Creating a Payload and Listener
- Infectious Media Generator
- Website Attack Vectors
- The Java applet attack
- The tabnabbing attack
- The web jacking attack
- Third-party attacks with SET
- Providing additional features and further readings
- The SET web interface
- Automating SET attacks
- Summary
- 9. Speeding Up Penetration Testing
- Introducing automated tools
- Fast Track MS SQL attack vectors
- A brief about Fast Track
- Carrying out the MS SQL brute force attack
- A brief about Fast Track
- The depreciation of Fast Track
- Renewed Fast Track in SET
- Automated exploitation in Metasploit
- Re-enabling db_autopwn
- Scanning the target
- Attacking the database
- Fake updates with the DNS-spoofing attack
- Introducing WebSploit
- Fixing up WebSploit
- Fixing path issues
- Fixing payload generation
- Fixing the file copy issue
- Attacking a LAN with WebSploit
- Summary
- 10. Visualizing with Armitage
- The fundamentals of Armitage
- Getting started
- Touring the user interface
- Managing the workspace
- The fundamentals of Armitage
- Scanning networks and host management
- Modeling out vulnerabilities
- Finding the match
- Exploitation with Armitage
- Post-exploitation with Armitage
- Attacking on the client side with Armitage
- Scripting Armitage
- The fundamentals of Cortana
- Controlling Metasploit
- Post-exploitation with Cortana
- Building a custom menu in Cortana
- Working with interfaces
- Summary
- Further reading
- Index
Packt Publishing - inne książki
-
Mastering Data transformation is essential for enhancing their data models and business intelligence. The Definitive Guide to Power Query equips you with the knowledge and skills to master the tool while leveraging its remarkable capabilities.
The Definitive Guide to Power Query (M). Mastering complex data transformation with Power Query The Definitive Guide to Power Query (M). Mastering complex data transformation with Power Query
Gregory Deckler, Rick de Groot, Melissa de Korte, Brian Julius
Dzieki opcji "Druk na żądanie" do sprzedaży wracają tytuły Grupy Helion, które cieszyły sie dużym zainteresowaniem, a których nakład został wyprzedany.
Dla naszych Czytelników wydrukowaliśmy dodatkową pulę egzemplarzy w technice druku cyfrowego.
Co powinieneś wiedzieć o usłudze "Druk na żądanie":
- usługa obejmuje tylko widoczną poniżej listę tytułów, którą na bieżąco aktualizujemy;
- cena książki może być wyższa od początkowej ceny detalicznej, co jest spowodowane kosztami druku cyfrowego (wyższymi niż koszty tradycyjnego druku offsetowego). Obowiązująca cena jest zawsze podawana na stronie WWW książki;
- zawartość książki wraz z dodatkami (płyta CD, DVD) odpowiada jej pierwotnemu wydaniu i jest w pełni komplementarna;
- usługa nie obejmuje książek w kolorze.
Masz pytanie o konkretny tytuł? Napisz do nas: sklep[at]helion.pl.
Książka, którą chcesz zamówić pochodzi z końcówki nakładu. Oznacza to, że mogą się pojawić drobne defekty (otarcia, rysy, zagięcia).
Co powinieneś wiedzieć o usłudze "Końcówka nakładu":
- usługa obejmuje tylko książki oznaczone tagiem "Końcówka nakładu";
- wady o których mowa powyżej nie podlegają reklamacji;
Masz pytanie o konkretny tytuł? Napisz do nas: sklep[at]helion.pl.
Książka drukowana
Oceny i opinie klientów: Mastering Metasploit. With this tutorial you can improve your Metasploit skills and learn to put your network’s defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert Nipun Jaswal (0) Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.