Metasploit for Beginners

Key Features

• Carry out penetration testing in highly-secured environments with Metasploit
• Learn to bypass different defenses to gain access into different systems.
• A step-by-step guide that will quickly enhance your penetration testing skills.

Book Description

This book will begin by introducing you to Metasploit and its functionality. Next, you will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components used by Metasploit.

Further on in the book, you will learn how to find weaknesses in the target system and hunt for vulnerabilities using Metasploit and its supporting tools. Next, you'll get hands-on experience carrying out client-side attacks. Moving on, you'll learn about web application security scanning and bypassing anti-virus and clearing traces on the target system post compromise. This book will also keep you updated with the latest security techniques and methods that can be directly applied to scan, test, hack, and secure networks and systems with Metasploit.

By the end of this book, you'll get the hang of bypassing different defenses, after which you'll learn how hackers use the network to gain access into different systems.

What you will learn

• Get to know the absolute basics of the Metasploit framework so you have a strong foundation for advanced attacks
• Integrate and use various supporting tools to make Metasploit even more powerful and precise
• Set up the Metasploit environment along with your own virtual testing lab
• Use Metasploit for information gathering and enumeration before planning the blueprint for the attack on the target system
• Get your hands dirty by firing up Metasploit in your own virtual lab and hunt down real vulnerabilities
• Discover the clever features of the Metasploit framework for launching sophisticated and deceptive client-side attacks that bypass the perimeter security
• Leverage Metasploit capabilities to perform Web application security scanning

About the Author

Sagar Rahalkar is a seasoned information security professional having more than 10 years of comprehensive experience in various verticals of IS. His domain expertise is mainly into breach detection, cyber crime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, IT GRC, and much more. He holds a master's degree in computer science and several industry-recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM certified Specialist-Rational AppScan, Certified Information Security Manager (CISM), and PRINCE2. He has been closely associated with Indian law enforcement agencies for more than 3 years dealing with digital crime investigations and related training and received several awards and appreciations from senior officials of the police and defense organizations in India. Sagar has also been a reviewer and author for various books and online publications.

Table of Contents

1. Introduction to Metasploit & Supporting Tools
2. Setting up your environment
3. Metasploit Components and Environment Configuration
4. Information Gathering with Metasploit
5. Vulnerability hunting with Metasploit
6. Client Side attacks with Metasploit
7. Web Application Scanning with Metasploit
8. Anti-Virus Evasion and Anti-Forensics
9. Cyber Attack Management using Armitage
10. Extending Metasploit & Exploit Development