Mastering Metasploit: take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit
Main author: | Jaswal, Nipun |
---|---|
Format: | Electronic E-Book |
Language: | English |
Published: | Birmingham, UK : Packt Publishing, 2018. |
Edition: | Third edition. |
Subjects: | |
Online access: | Full text |
Summary: | Discover the next level of network defense with the Metasploit framework. About This Book: Gain the skills to carry out penetration testing in complex and highly-secured environments; become a master using the Metasploit framework, develop exploits, and generate modules for a variety of real-world scenarios; get this completely updated edition with new useful methods and techniques to make your network robust and resilient. Who This Book Is For: This book is a hands-on guide to penetration testing using Metasploit and covers its complete development. It shows a number of techniques and methodologies that will help you master the Metasploit framework and explore approaches to carrying out advanced penetration testing in highly secured environments. What You Will Learn: Develop advanced and sophisticated auxiliary modules; port exploits from PERL, Python, and many more programming languages; test services such as databases, SCADA, and many more; attack the client side with highly advanced techniques; test mobile and tablet devices with Metasploit; bypass modern protections such as an AntiVirus and IDS with Metasploit; simulate attacks on web servers and systems with Armitage GUI; script attacks in Armitage using CORTANA scripting. In Detail: We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You'll get to know about the basics of programming Metasploit modules as a refresher and then dive into carrying out exploitation as well as building and porting exploits of various kinds in Metasploit. In the next section, you'll develop the ability to perform testing on various services such as databases, cloud environments, IoT, mobile, tablets, and similar services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests is a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. By the end of the book, you will be trained specifically on time-saving techniques using Metasploit. Style and approach: This is a step-by-step guide that provides great Metasploit framework methodologies. All the key concepts are explained in detail with the help of examples and demonstrations that will help you understand everything you need to know about Metasploit. |
Description: | 1 online resource (1 volume) : illustrations |
Bibliography: | Includes bibliographical references. |
ISBN: | 9781788994200 1788994205 1788990617 9781788990615 |
Internal format
MARC
LEADER | 00000cam a2200000 i 4500 | ||
---|---|---|---|
001 | ZDB-4-EBA-on1041858471 | ||
003 | OCoLC | ||
005 | 20241004212047.0 | ||
006 | m o d | ||
007 | cr unu|||||||| | ||
008 | 180625s2018 enka ob 000 0 eng d | ||
040 | |a UMI |b eng |e rda |e pn |c UMI |d OCLCF |d TOH |d STF |d DEBBG |d CEF |d G3B |d S9I |d UAB |d VT2 |d YDX |d TEFOD |d N$T |d UKMGB |d CZL |d OCLCQ |d OCLCO |d NZAUC |d OCLCQ |d OCLCO |d OCLCL |d DXU | ||
015 | |a GBC205989 |2 bnb | ||
016 | 7 | |a 018917877 |2 Uk | |
019 | |a 1040588528 | ||
020 | |a 9781788994200 | ||
020 | |a 1788994205 | ||
020 | |a 1788990617 | ||
020 | |a 9781788990615 | ||
020 | |z 9781788990615 | ||
035 | |a (OCoLC)1041858471 |z (OCoLC)1040588528 | ||
037 | |a CL0500000974 |b Safari Books Online | ||
050 | 4 | |a QA76.9.A25 | |
082 | 7 | |a 005.8 |2 23 | |
049 | |a MAIN | ||
100 | 1 | |a Jaswal, Nipun, |e author. | |
245 | 1 | 0 | |a Mastering Metasploit : |b take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / |c Nipun Jaswal. |
250 | |a Third edition. | ||
264 | 1 | |a Birmingham, UK : |b Packt Publishing, |c 2018. | |
300 | |a 1 online resource (1 volume) : |b illustrations | ||
336 | |a text |b txt |2 rdacontent | ||
337 | |a computer |b c |2 rdamedia | ||
338 | |a online resource |b cr |2 rdacarrier | ||
347 | |a data file | ||
588 | 0 | |a Online resource; title from title page (Safari, viewed June 25, 2018). | |
504 | |a Includes bibliographical references. | ||
505 | 0 | |a Cover -- Copyright and Credits -- Dedication -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Approaching a Penetration Test Using Metasploit -- Organizing a penetration test -- Preinteractions -- Intelligence gathering/reconnaissance phase -- Threat modeling -- Vulnerability analysis -- Exploitation and post-exploitation -- Reporting -- Mounting the environment -- Setting up Kali Linux in a virtual environment -- The fundamentals of Metasploit -- Conducting a penetration test with Metasploit -- Recalling the basics of Metasploit -- Benefits of penetration testing using Metasploit -- Open source -- Support for testing large networks and natural naming conventions -- Smart payload generation and switching mechanism -- Cleaner exits -- The GUI environment -- Case study -- diving deep into an unknown network -- Gathering intelligence -- Using databases in Metasploit -- Modeling threats -- Vulnerability analysis -- arbitrary file upload (unauthenticated) -- Attacking mechanism on the PhpCollab 2.5.1 application -- Exploitation and gaining access -- Escalating privileges with local root exploits -- Maintaining access with Metasploit -- Post-exploitation and pivoting -- Vulnerability analysis -- SEH based buffer overflow -- Exploiting human errors by compromising Password Managers -- Revisiting the case study -- Revising the approach -- Summary and exercises -- Chapter 2: Reinventing Metasploit -- Ruby -- the heart of Metasploit -- Creating your first Ruby program -- Interacting with the Ruby shell -- Defining methods in the shell -- Variables and data types in Ruby -- Working with strings -- Concatenating strings -- The substring function -- The split function -- Numbers and conversions in Ruby -- Conversions in Ruby -- Ranges in Ruby -- Arrays in Ruby -- Methods in Ruby -- Decision-making operators -- Loops in Ruby. | |
505 | 8 | |a Regular expressions -- Wrapping up with Ruby basics -- Developing custom modules -- Building a module in a nutshell -- The architecture of the Metasploit framework -- Understanding the file structure -- The libraries layout -- Understanding the existing modules -- The format of a Metasploit module -- Disassembling the existing HTTP server scanner module -- Libraries and the function -- Writing out a custom FTP scanner module -- Libraries and functions -- Using msftidy -- Writing out a custom SSH-authentication with a brute force attack -- Rephrasing the equation -- Writing a drive-disabler post-exploitation module -- Writing a credential harvester post-exploitation module -- Breakthrough Meterpreter scripting -- Essentials of Meterpreter scripting -- Setting up persistent access -- API calls and mixins -- Fabricating custom Meterpreter scripts -- Working with RailGun -- Interactive Ruby shell basics -- Understanding RailGun and its scripting -- Manipulating Windows API calls -- Fabricating sophisticated RailGun scripts -- Summary and exercises -- Chapter 3: The Exploit Formulation Process -- The absolute basics of exploitation -- The basics -- The architecture -- System organization basics -- Registers -- Exploiting stack-based buffer overflows with Metasploit -- Crashing the vulnerable application -- Building the exploit base -- Calculating the offset -- Using the pattern_create tool -- Using the pattern_offset tool -- Finding the JMP ESP address -- Using the Immunity Debugger to find executable modules -- Using msfpescan -- Stuffing the space -- Relevance of NOPs -- Determining bad characters -- Determining space limitations -- Writing the Metasploit exploit module -- Exploiting SEH-based buffer overflows with Metasploit -- Building the exploit base -- Calculating the offset -- Using the pattern_create tool -- Using the pattern_offset tool. | |
505 | 8 | |a Finding the POP/POP/RET address -- The Mona script -- Using msfpescan -- Writing the Metasploit SEH exploit module -- Using the NASM shell for writing assembly instructions -- Bypassing DEP in Metasploit modules -- Using msfrop to find ROP gadgets -- Using Mona to create ROP chains -- Writing the Metasploit exploit module for DEP bypass -- Other protection mechanisms -- Summary -- Chapter 4: Porting Exploits -- Importing a stack-based buffer overflow exploit -- Gathering the essentials -- Generating a Metasploit module -- Exploiting the target application with Metasploit -- Implementing a check method for exploits in Metasploit -- Importing web-based RCE into Metasploit -- Gathering the essentials -- Grasping the important web functions -- The essentials of the GET/POST method -- Importing an HTTP exploit into Metasploit -- Importing TCP server/browser-based exploits into Metasploit -- Gathering the essentials -- Generating the Metasploit module -- Summary -- Chapter 5: Testing Services with Metasploit -- Fundamentals of testing SCADA systems -- The fundamentals of ICS and its components -- The significance of ICS-SCADA -- Exploiting HMI in SCADA servers -- Fundamentals of testing SCADA -- SCADA-based exploits -- Attacking the Modbus protocol -- Securing SCADA -- Implementing secure SCADA -- Restricting networks -- Database exploitation -- SQL server -- Scanning MSSQL with Metasploit modules -- Brute forcing passwords -- Locating/capturing server passwords -- Browsing the SQL server -- Post-exploiting/executing system commands -- Reloading the xp_cmdshell functionality -- Running SQL-based queries -- Testing VOIP services -- VOIP fundamentals -- An introduction to PBX -- Types of VOIP services -- Self-hosted network -- Hosted services -- SIP service providers -- Fingerprinting VOIP services -- Scanning VOIP services -- Spoofing a VOIP call. | |
505 | 8 | |a Exploiting VOIP -- About the vulnerability -- Exploiting the application -- Summary -- Chapter 6: Virtual Test Grounds and Staging -- Performing a penetration test with integrated Metasploit services -- Interaction with the employees and end users -- Gathering intelligence -- Example environment being tested -- Vulnerability scanning with OpenVAS using Metasploit -- Modeling the threat areas -- Gaining access to the target -- Exploiting the Active Directory (AD) with Metasploit -- Finding the domain controller -- Enumerating shares in the Active Directory network -- Enumerating the AD computers -- Enumerating signed-in users in the Active Directory -- Enumerating domain tokens -- Using extapi in Meterpreter -- Enumerating open Windows using Metasploit -- Manipulating the clipboard -- Using ADSI management commands in Metasploit -- Using PsExec exploit in the network -- Using Kiwi in Metasploit -- Using cachedump in Metasploit -- Maintaining access to AD -- Generating manual reports -- The format of the report -- The executive summary -- Methodology/network admin-level report -- Additional sections -- Summary -- Chapter 7: Client-Side Exploitation -- Exploiting browsers for fun and profit -- The browser autopwn attack -- The technology behind the browser autopwn attack -- Attacking browsers with Metasploit browser autopwn -- Compromising the clients of a website -- Injecting the malicious web scripts -- Hacking the users of a website -- The autopwn with DNS spoofing and MITM attacks -- Tricking victims with DNS hijacking -- Using Kali NetHunter with browser exploits -- Metasploit and Arduino -- the deadly combination -- File format-based exploitation -- PDF-based exploits -- Word-based exploits -- Attacking Android with Metasploit -- Summary and exercises -- Chapter 8: Metasploit Extended -- Basics of post-exploitation with Metasploit. | |
505 | 8 | |a Basic post-exploitation commands -- The help menu -- The background command -- Reading from a channel -- File operation commands -- Desktop commands -- Screenshots and camera enumeration -- Advanced post-exploitation with Metasploit -- Obtaining system privileges -- Changing access, modification, and creation time with timestomp -- Additional post-exploitation modules -- Gathering wireless SSIDs with Metasploit -- Gathering Wi-Fi passwords with Metasploit -- Getting the applications list -- Gathering Skype passwords -- Gathering USB history -- Searching files with Metasploit -- Wiping logs from the target with the clearev command -- Advanced extended features of Metasploit -- Using pushm and popm commands -- Speeding up development using the reload, edit, and reload_all commands -- Making use of resource scripts -- Using AutoRunScript in Metasploit -- Using the multiscript module in AutoRunScript option -- Privilege escalation using Metasploit -- Finding passwords in clear text using mimikatz -- Sniffing traffic with Metasploit -- Host file injection with Metasploit -- Phishing Windows login passwords -- Summary and exercises -- Chapter 9: Evasion with Metasploit -- Evading Meterpreter using C wrappers and custom encoders -- Writing a custom Meterpreter encoder/decoder in C -- Evading intrusion detection systems with Metasploit -- Using random cases for fun and profit -- Using fake relatives to fool IDS systems -- Bypassing Windows firewall blocked ports -- Using the reverse Meterpreter on all ports -- Summary and exercises -- Chapter 10: Metasploit for Secret Agents -- Maintaining anonymity in Meterpreter sessions -- Maintaining access using vulnerabilities in common software -- DLL search order hijacking -- Using code caves for hiding backdoors -- Harvesting files from target systems -- Using venom for obfuscation. | |
630 | 0 | 0 | |a Metasploit (Electronic resource) |0 http://id.loc.gov/authorities/names/n2011043654 |
630 | 0 | 7 | |a Metasploit (Electronic resource) |2 fast |
650 | 0 | |a Computer security. |0 http://id.loc.gov/authorities/subjects/sh90001862 | |
650 | 0 | |a Computers |x Access control. |0 http://id.loc.gov/authorities/subjects/sh85029553 | |
650 | 0 | |a Penetration testing (Computer security) |0 http://id.loc.gov/authorities/subjects/sh2011003137 | |
650 | 2 | |a Computer Security |0 https://id.nlm.nih.gov/mesh/D016494 | |
650 | 6 | |a Sécurité informatique. | |
650 | 6 | |a Ordinateurs |x Accès |x Contrôle. | |
650 | 6 | |a Tests d'intrusion. | |
650 | 7 | |a Computer networking & communications. |2 bicssc | |
650 | 7 | |a Network security. |2 bicssc | |
650 | 7 | |a Computer security. |2 bicssc | |
650 | 7 | |a Computers. |x Networking |x Security. |2 bisacsh | |
650 | 7 | |a Computers. |x System Administration |x General. |2 bisacsh | |
650 | 7 | |a Computers. |x Security |x General. |2 bisacsh | |
650 | 7 | |a Computer security |2 fast | |
650 | 7 | |a Computers |x Access control |2 fast | |
650 | 7 | |a Penetration testing (Computer security) |2 fast | |
758 | |i has work: |a Mastering Metasploit (Text) |1 https://id.oclc.org/worldcat/entity/E39PCGvcT9Fq46YpCPqhkhXB8y |4 https://id.oclc.org/worldcat/ontology/hasWork | ||
856 | 4 | 0 | |l FWS01 |p ZDB-4-EBA |q FWS_PDA_EBA |u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1827509 |3 Volltext |
938 | |a EBSCOhost |b EBSC |n 1827509 | ||
938 | |a YBP Library Services |b YANK |n 15530553 | ||
994 | |a 92 |b GEBAY | ||
912 | |a ZDB-4-EBA | ||
049 | |a DE-863 |
Record in the search index
DE-BY-FWS_katkey | ZDB-4-EBA-on1041858471 |
---|---|
_version_ | 1816882463559909376 |
adam_text | |
any_adam_object | |
author | Jaswal, Nipun |
author_facet | Jaswal, Nipun |
author_role | aut |
author_sort | Jaswal, Nipun |
author_variant | n j nj |
building | Verbundindex |
bvnumber | localFWS |
callnumber-first | Q - Science |
callnumber-label | QA76 |
callnumber-raw | QA76.9.A25 |
callnumber-search | QA76.9.A25 |
callnumber-sort | QA 276.9 A25 |
callnumber-subject | QA - Mathematics |
collection | ZDB-4-EBA |
ctrlnum | (OCoLC)1041858471 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
edition | Third edition. |
format | Electronic eBook |
Metasploit -- Modeling threats -- Vulnerability analysis -- arbitrary file upload (unauthenticated) -- Attacking mechanism on the PhpCollab 2.5.1 application -- Exploitation and gaining access -- Escalating privileges with local root exploits -- Maintaining access with Metasploit -- Post-exploitation and pivoting -- Vulnerability analysis -- SEH based buffer overflow -- Exploiting human errors by compromising Password Managers -- Revisiting the case study -- Revising the approach -- Summary and exercises -- Chapter 2: Reinventing Metasploit -- Ruby -- the heart of Metasploit -- Creating your first Ruby program -- Interacting with the Ruby shell -- Defining methods in the shell -- Variables and data types in Ruby -- Working with strings -- Concatenating strings -- The substring function -- The split function -- Numbers and conversions in Ruby -- Conversions in Ruby -- Ranges in Ruby -- Arrays in Ruby -- Methods in Ruby -- Decision-making operators -- Loops in Ruby.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Regular expressions -- Wrapping up with Ruby basics -- Developing custom modules -- Building a module in a nutshell -- The architecture of the Metasploit framework -- Understanding the file structure -- The libraries layout -- Understanding the existing modules -- The format of a Metasploit module -- Disassembling the existing HTTP server scanner module -- Libraries and the function -- Writing out a custom FTP scanner module -- Libraries and functions -- Using msftidy -- Writing out a custom SSH-authentication with a brute force attack -- Rephrasing the equation -- Writing a drive-disabler post-exploitation module -- Writing a credential harvester post-exploitation module -- Breakthrough Meterpreter scripting -- Essentials of Meterpreter scripting -- Setting up persistent access -- API calls and mixins -- Fabricating custom Meterpreter scripts -- Working with RailGun -- Interactive Ruby shell basics -- Understanding RailGun 
and its scripting -- Manipulating Windows API calls -- Fabricating sophisticated RailGun scripts -- Summary and exercises -- Chapter 3: The Exploit Formulation Process -- The absolute basics of exploitation -- The basics -- The architecture -- System organization basics -- Registers -- Exploiting stack-based buffer overflows with Metasploit -- Crashing the vulnerable application -- Building the exploit base -- Calculating the offset -- Using the pattern_create tool -- Using the pattern_offset tool -- Finding the JMP ESP address -- Using the Immunity Debugger to find executable modules -- Using msfpescan -- Stuffing the space -- Relevance of NOPs -- Determining bad characters -- Determining space limitations -- Writing the Metasploit exploit module -- Exploiting SEH-based buffer overflows with Metasploit -- Building the exploit base -- Calculating the offset -- Using the pattern_create tool -- Using the pattern_offset tool.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Finding the POP/POP/RET address -- The Mona script -- Using msfpescan -- Writing the Metasploit SEH exploit module -- Using the NASM shell for writing assembly instructions -- Bypassing DEP in Metasploit modules -- Using msfrop to find ROP gadgets -- Using Mona to create ROP chains -- Writing the Metasploit exploit module for DEP bypass -- Other protection mechanisms -- Summary -- Chapter 4: Porting Exploits -- Importing a stack-based buffer overflow exploit -- Gathering the essentials -- Generating a Metasploit module -- Exploiting the target application with Metasploit -- Implementing a check method for exploits in Metasploit -- Importing web-based RCE into Metasploit -- Gathering the essentials -- Grasping the important web functions -- The essentials of the GET/POST method -- Importing an HTTP exploit into Metasploit -- Importing TCP server/browser-based exploits into Metasploit -- Gathering the essentials -- Generating the Metasploit module -- Summary -- Chapter 
5: Testing Services with Metasploit -- Fundamentals of testing SCADA systems -- The fundamentals of ICS and its components -- The significance of ICS-SCADA -- Exploiting HMI in SCADA servers -- Fundamentals of testing SCADA -- SCADA-based exploits -- Attacking the Modbus protocol -- Securing SCADA -- Implementing secure SCADA -- Restricting networks -- Database exploitation -- SQL server -- Scanning MSSQL with Metasploit modules -- Brute forcing passwords -- Locating/capturing server passwords -- Browsing the SQL server -- Post-exploiting/executing system commands -- Reloading the xp_cmdshell functionality -- Running SQL-based queries -- Testing VOIP services -- VOIP fundamentals -- An introduction to PBX -- Types of VOIP services -- Self-hosted network -- Hosted services -- SIP service providers -- Fingerprinting VOIP services -- Scanning VOIP services -- Spoofing a VOIP call.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Exploiting VOIP -- About the vulnerability -- Exploiting the application -- Summary -- Chapter 6: Virtual Test Grounds and Staging -- Performing a penetration test with integrated Metasploit services -- Interaction with the employees and end users -- Gathering intelligence -- Example environment being tested -- Vulnerability scanning with OpenVAS using Metasploit -- Modeling the threat areas -- Gaining access to the target -- Exploiting the Active Directory (AD) with Metasploit -- Finding the domain controller -- Enumerating shares in the Active Directory network -- Enumerating the AD computers -- Enumerating signed-in users in the Active Directory -- Enumerating domain tokens -- Using extapi in Meterpreter -- Enumerating open Windows using Metasploit -- Manipulating the clipboard -- Using ADSI management commands in Metasploit -- Using PsExec exploit in the network -- Using Kiwi in Metasploit -- Using cachedump in Metasploit -- Maintaining access to AD -- Generating manual reports -- The format of the report -- 
The executive summary -- Methodology/network admin-level report -- Additional sections -- Summary -- Chapter 7: Client-Side Exploitation -- Exploiting browsers for fun and profit -- The browser autopwn attack -- The technology behind the browser autopwn attack -- Attacking browsers with Metasploit browser autopwn -- Compromising the clients of a website -- Injecting the malicious web scripts -- Hacking the users of a website -- The autopwn with DNS spoofing and MITM attacks -- Tricking victims with DNS hijacking -- Using Kali NetHunter with browser exploits -- Metasploit and Arduino -- the deadly combination -- File format-based exploitation -- PDF-based exploits -- Word-based exploits -- Attacking Android with Metasploit -- Summary and exercises -- Chapter 8: Metasploit Extended -- Basics of post-exploitation with Metasploit.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Basic post-exploitation commands -- The help menu -- The background command -- Reading from a channel -- File operation commands -- Desktop commands -- Screenshots and camera enumeration -- Advanced post-exploitation with Metasploit -- Obtaining system privileges -- Changing access, modification, and creation time with timestomp -- Additional post-exploitation modules -- Gathering wireless SSIDs with Metasploit -- Gathering Wi-Fi passwords with Metasploit -- Getting the applications list -- Gathering Skype passwords -- Gathering USB history -- Searching files with Metasploit -- Wiping logs from the target with the clearev command -- Advanced extended features of Metasploit -- Using pushm and popm commands -- Speeding up development using the reload, edit, and reload_all commands -- Making use of resource scripts -- Using AutoRunScript in Metasploit -- Using the multiscript module in AutoRunScript option -- Privilege escalation using Metasploit -- Finding passwords in clear text using mimikatz -- Sniffing traffic with Metasploit -- Host file injection with 
Metasploit -- Phishing Windows login passwords -- Summary and exercises -- Chapter 9: Evasion with Metasploit -- Evading Meterpreter using C wrappers and custom encoders -- Writing a custom Meterpreter encoder/decoder in C -- Evading intrusion detection systems with Metasploit -- Using random cases for fun and profit -- Using fake relatives to fool IDS systems -- Bypassing Windows firewall blocked ports -- Using the reverse Meterpreter on all ports -- Summary and exercises -- Chapter 10: Metasploit for Secret Agents -- Maintaining anonymity in Meterpreter sessions -- Maintaining access using vulnerabilities in common software -- DLL search order hijacking -- Using code caves for hiding backdoors -- Harvesting files from target systems -- Using venom for obfuscation.</subfield></datafield><datafield tag="630" ind1="0" ind2="0"><subfield code="a">Metasploit (Electronic resource)</subfield><subfield code="0">http://id.loc.gov/authorities/names/n2011043654</subfield></datafield><datafield tag="630" ind1="0" ind2="7"><subfield code="a">Metasploit (Electronic resource)</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer security.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh90001862</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computers</subfield><subfield code="x">Access control.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh85029553</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Penetration testing (Computer security)</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh2011003137</subfield></datafield><datafield tag="650" ind1=" " ind2="2"><subfield code="a">Computer Security</subfield><subfield code="0">https://id.nlm.nih.gov/mesh/D016494</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Sécurité 
informatique.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Ordinateurs</subfield><subfield code="x">Accès</subfield><subfield code="x">Contrôle.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Tests d'intrusion.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer networking & communications.</subfield><subfield code="2">bicssc</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Network security.</subfield><subfield code="2">bicssc</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer security.</subfield><subfield code="2">bicssc</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computers.</subfield><subfield code="x">Networking</subfield><subfield code="x">Security.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computers.</subfield><subfield code="x">System Administration</subfield><subfield code="x">General.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computers.</subfield><subfield code="x">Security</subfield><subfield code="x">General.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer security</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computers</subfield><subfield code="x">Access control</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Penetration testing (Computer security)</subfield><subfield code="2">fast</subfield></datafield><datafield tag="758" ind1=" " ind2=" "><subfield code="i">has work:</subfield><subfield code="a">Mastering Metasploit (Text)</subfield><subfield 
code="1">https://id.oclc.org/worldcat/entity/E39PCGvcT9Fq46YpCPqhkhXB8y</subfield><subfield code="4">https://id.oclc.org/worldcat/ontology/hasWork</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1827509</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">1827509</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">15530553</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-863</subfield></datafield></record></collection> |
id | ZDB-4-EBA-on1041858471 |
illustrated | Illustrated |
indexdate | 2024-11-27T13:29:01Z |
institution | BVB |
isbn | 9781788994200 1788994205 1788990617 9781788990615 |
language | English |
oclc_num | 1041858471 |
open_access_boolean | |
owner | MAIN DE-863 DE-BY-FWS |
owner_facet | MAIN DE-863 DE-BY-FWS |
physical | 1 online resource (1 volume) : illustrations |
psigel | ZDB-4-EBA |
publishDate | 2018 |
publishDateSearch | 2018 |
publishDateSort | 2018 |
publisher | Packt Publishing, |
record_format | marc |
spellingShingle | Jaswal, Nipun Mastering Metasploit : take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / Cover -- Copyright and Credits -- Dedication -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Approaching a Penetration Test Using Metasploit -- Organizing a penetration test -- Preinteractions -- Intelligence gathering/reconnaissance phase -- Threat modeling -- Vulnerability analysis -- Exploitation and post-exploitation -- Reporting -- Mounting the environment -- Setting up Kali Linux in a virtual environment -- The fundamentals of Metasploit -- Conducting a penetration test with Metasploit -- Recalling the basics of Metasploit -- Benefits of penetration testing using Metasploit -- Open source -- Support for testing large networks and natural naming conventions -- Smart payload generation and switching mechanism -- Cleaner exits -- The GUI environment -- Case study -- diving deep into an unknown network -- Gathering intelligence -- Using databases in Metasploit -- Modeling threats -- Vulnerability analysis -- arbitrary file upload (unauthenticated) -- Attacking mechanism on the PhpCollab 2.5.1 application -- Exploitation and gaining access -- Escalating privileges with local root exploits -- Maintaining access with Metasploit -- Post-exploitation and pivoting -- Vulnerability analysis -- SEH based buffer overflow -- Exploiting human errors by compromising Password Managers -- Revisiting the case study -- Revising the approach -- Summary and exercises -- Chapter 2: Reinventing Metasploit -- Ruby -- the heart of Metasploit -- Creating your first Ruby program -- Interacting with the Ruby shell -- Defining methods in the shell -- Variables and data types in Ruby -- Working with strings -- Concatenating strings -- The substring function -- The split function -- Numbers and conversions in Ruby -- Conversions in Ruby -- Ranges in Ruby -- Arrays in Ruby -- Methods in Ruby -- 
Decision-making operators -- Loops in Ruby. Regular expressions -- Wrapping up with Ruby basics -- Developing custom modules -- Building a module in a nutshell -- The architecture of the Metasploit framework -- Understanding the file structure -- The libraries layout -- Understanding the existing modules -- The format of a Metasploit module -- Disassembling the existing HTTP server scanner module -- Libraries and the function -- Writing out a custom FTP scanner module -- Libraries and functions -- Using msftidy -- Writing out a custom SSH-authentication with a brute force attack -- Rephrasing the equation -- Writing a drive-disabler post-exploitation module -- Writing a credential harvester post-exploitation module -- Breakthrough Meterpreter scripting -- Essentials of Meterpreter scripting -- Setting up persistent access -- API calls and mixins -- Fabricating custom Meterpreter scripts -- Working with RailGun -- Interactive Ruby shell basics -- Understanding RailGun and its scripting -- Manipulating Windows API calls -- Fabricating sophisticated RailGun scripts -- Summary and exercises -- Chapter 3: The Exploit Formulation Process -- The absolute basics of exploitation -- The basics -- The architecture -- System organization basics -- Registers -- Exploiting stack-based buffer overflows with Metasploit -- Crashing the vulnerable application -- Building the exploit base -- Calculating the offset -- Using the pattern_create tool -- Using the pattern_offset tool -- Finding the JMP ESP address -- Using the Immunity Debugger to find executable modules -- Using msfpescan -- Stuffing the space -- Relevance of NOPs -- Determining bad characters -- Determining space limitations -- Writing the Metasploit exploit module -- Exploiting SEH-based buffer overflows with Metasploit -- Building the exploit base -- Calculating the offset -- Using the pattern_create tool -- Using the pattern_offset tool. 
Finding the POP/POP/RET address -- The Mona script -- Using msfpescan -- Writing the Metasploit SEH exploit module -- Using the NASM shell for writing assembly instructions -- Bypassing DEP in Metasploit modules -- Using msfrop to find ROP gadgets -- Using Mona to create ROP chains -- Writing the Metasploit exploit module for DEP bypass -- Other protection mechanisms -- Summary -- Chapter 4: Porting Exploits -- Importing a stack-based buffer overflow exploit -- Gathering the essentials -- Generating a Metasploit module -- Exploiting the target application with Metasploit -- Implementing a check method for exploits in Metasploit -- Importing web-based RCE into Metasploit -- Gathering the essentials -- Grasping the important web functions -- The essentials of the GET/POST method -- Importing an HTTP exploit into Metasploit -- Importing TCP server/browser-based exploits into Metasploit -- Gathering the essentials -- Generating the Metasploit module -- Summary -- Chapter 5: Testing Services with Metasploit -- Fundamentals of testing SCADA systems -- The fundamentals of ICS and its components -- The significance of ICS-SCADA -- Exploiting HMI in SCADA servers -- Fundamentals of testing SCADA -- SCADA-based exploits -- Attacking the Modbus protocol -- Securing SCADA -- Implementing secure SCADA -- Restricting networks -- Database exploitation -- SQL server -- Scanning MSSQL with Metasploit modules -- Brute forcing passwords -- Locating/capturing server passwords -- Browsing the SQL server -- Post-exploiting/executing system commands -- Reloading the xp_cmdshell functionality -- Running SQL-based queries -- Testing VOIP services -- VOIP fundamentals -- An introduction to PBX -- Types of VOIP services -- Self-hosted network -- Hosted services -- SIP service providers -- Fingerprinting VOIP services -- Scanning VOIP services -- Spoofing a VOIP call. 
Exploiting VOIP -- About the vulnerability -- Exploiting the application -- Summary -- Chapter 6: Virtual Test Grounds and Staging -- Performing a penetration test with integrated Metasploit services -- Interaction with the employees and end users -- Gathering intelligence -- Example environment being tested -- Vulnerability scanning with OpenVAS using Metasploit -- Modeling the threat areas -- Gaining access to the target -- Exploiting the Active Directory (AD) with Metasploit -- Finding the domain controller -- Enumerating shares in the Active Directory network -- Enumerating the AD computers -- Enumerating signed-in users in the Active Directory -- Enumerating domain tokens -- Using extapi in Meterpreter -- Enumerating open Windows using Metasploit -- Manipulating the clipboard -- Using ADSI management commands in Metasploit -- Using PsExec exploit in the network -- Using Kiwi in Metasploit -- Using cachedump in Metasploit -- Maintaining access to AD -- Generating manual reports -- The format of the report -- The executive summary -- Methodology/network admin-level report -- Additional sections -- Summary -- Chapter 7: Client-Side Exploitation -- Exploiting browsers for fun and profit -- The browser autopwn attack -- The technology behind the browser autopwn attack -- Attacking browsers with Metasploit browser autopwn -- Compromising the clients of a website -- Injecting the malicious web scripts -- Hacking the users of a website -- The autopwn with DNS spoofing and MITM attacks -- Tricking victims with DNS hijacking -- Using Kali NetHunter with browser exploits -- Metasploit and Arduino -- the deadly combination -- File format-based exploitation -- PDF-based exploits -- Word-based exploits -- Attacking Android with Metasploit -- Summary and exercises -- Chapter 8: Metasploit Extended -- Basics of post-exploitation with Metasploit. 
Basic post-exploitation commands -- The help menu -- The background command -- Reading from a channel -- File operation commands -- Desktop commands -- Screenshots and camera enumeration -- Advanced post-exploitation with Metasploit -- Obtaining system privileges -- Changing access, modification, and creation time with timestomp -- Additional post-exploitation modules -- Gathering wireless SSIDs with Metasploit -- Gathering Wi-Fi passwords with Metasploit -- Getting the applications list -- Gathering Skype passwords -- Gathering USB history -- Searching files with Metasploit -- Wiping logs from the target with the clearev command -- Advanced extended features of Metasploit -- Using pushm and popm commands -- Speeding up development using the reload, edit, and reload_all commands -- Making use of resource scripts -- Using AutoRunScript in Metasploit -- Using the multiscript module in AutoRunScript option -- Privilege escalation using Metasploit -- Finding passwords in clear text using mimikatz -- Sniffing traffic with Metasploit -- Host file injection with Metasploit -- Phishing Windows login passwords -- Summary and exercises -- Chapter 9: Evasion with Metasploit -- Evading Meterpreter using C wrappers and custom encoders -- Writing a custom Meterpreter encoder/decoder in C -- Evading intrusion detection systems with Metasploit -- Using random cases for fun and profit -- Using fake relatives to fool IDS systems -- Bypassing Windows firewall blocked ports -- Using the reverse Meterpreter on all ports -- Summary and exercises -- Chapter 10: Metasploit for Secret Agents -- Maintaining anonymity in Meterpreter sessions -- Maintaining access using vulnerabilities in common software -- DLL search order hijacking -- Using code caves for hiding backdoors -- Harvesting files from target systems -- Using venom for obfuscation. Metasploit (Electronic resource) http://id.loc.gov/authorities/names/n2011043654 Metasploit (Electronic resource) fast Computer security. 
http://id.loc.gov/authorities/subjects/sh90001862 Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Penetration testing (Computer security) http://id.loc.gov/authorities/subjects/sh2011003137 Computer Security https://id.nlm.nih.gov/mesh/D016494 Sécurité informatique. Ordinateurs Accès Contrôle. Tests d'intrusion. Computer networking & communications. bicssc Network security. bicssc Computer security. bicssc Computers. Networking Security. bisacsh Computers. System Administration General. bisacsh Computers. Security General. bisacsh Computer security fast Computers Access control fast Penetration testing (Computer security) fast |
subject_GND | http://id.loc.gov/authorities/names/n2011043654 http://id.loc.gov/authorities/subjects/sh90001862 http://id.loc.gov/authorities/subjects/sh85029553 http://id.loc.gov/authorities/subjects/sh2011003137 https://id.nlm.nih.gov/mesh/D016494 |
title | Mastering Metasploit : take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / |
title_auth | Mastering Metasploit : take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / |
title_exact_search | Mastering Metasploit : take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / |
title_full | Mastering Metasploit : take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / Nipun Jaswal. |
title_fullStr | Mastering Metasploit : take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / Nipun Jaswal. |
title_full_unstemmed | Mastering Metasploit : take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / Nipun Jaswal. |
title_short | Mastering Metasploit : |
title_sort | mastering metasploit take your penetration testing and it security skills to a whole new level with the secrets of metasploit |
title_sub | take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit / |
topic | Metasploit (Electronic resource) http://id.loc.gov/authorities/names/n2011043654 Metasploit (Electronic resource) fast Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Penetration testing (Computer security) http://id.loc.gov/authorities/subjects/sh2011003137 Computer Security https://id.nlm.nih.gov/mesh/D016494 Sécurité informatique. Ordinateurs Accès Contrôle. Tests d'intrusion. Computer networking & communications. bicssc Network security. bicssc Computer security. bicssc Computers. Networking Security. bisacsh Computers. System Administration General. bisacsh Computers. Security General. bisacsh Computer security fast Computers Access control fast Penetration testing (Computer security) fast |
topic_facet | Metasploit (Electronic resource) Computer security. Computers Access control. Penetration testing (Computer security) Computer Security Sécurité informatique. Ordinateurs Accès Contrôle. Tests d'intrusion. Computer networking & communications. Network security. Computers. Networking Security. Computers. System Administration General. Computers. Security General. Computer security Computers Access control |
url | https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1827509 |
work_keys_str_mv | AT jaswalnipun masteringmetasploittakeyourpenetrationtestinganditsecurityskillstoawholenewlevelwiththesecretsofmetasploit |