The free and open source Metasploit Framework is the most popular suite of penetration testing tools in the world, with more than one million downloads yearly.
Metasploit: The Penetration Tester’s Guide teaches readers how to identify vulnerabilities in networks by using Metasploit to launch simulated attacks. The book’s authors, acknowledged Metasploit gurus, begin by building a foundation for penetration testing and establishing a methodology.
From there, they explain the Framework’s conventions, interfaces, and module system, and then move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, devastating wireless attacks, and targeted social-engineering attacks.
This book shows penetration testers how to:
- Find exploits in unmaintained, misconfigured, and unpatched systems
- Perform reconnaissance and find valuable information about a target
- Bypass antivirus technologies and circumvent security controls
- Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
- Use the Meterpreter shell to launch attacks from inside a network
- Harness stand-alone Metasploit utilities, third-party tools, and plug-ins
- Learn how to write Meterpreter post exploitation modules and scripts.