Metasploit Penetration Testing Cookbook
Third Edition
Evade antiviruses, bypass firewalls, and exploit complex environments with the most widely used penetration testing framework
Daniel Teixeira
Abhinav Singh
Monika Agarwal
BIRMINGHAM - MUMBAI
Copyright 2018 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Vijin Boricha
Acquisition Editor: Meeta Rajani
Content Development Editor: Abhishek Jadhav
Technical Editor: Aditya Khadye
Copy Editor: Safis Editing, Dipti Mankame
Project Coordinator: Judie Jose
Proofreader: Safis Editing
Indexer: Aishwarya Gangawane, Mariammal Chettiyar
Graphics: Tom Scaria
Production Coordinator: Aparna Bhagat
First published: June 2012
Second edition: October 2013
Third edition: February 2018
Production reference: 1220218
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78862-317-9
www.packtpub.com
Contributors
About the authors
Daniel Teixeira is an IT security expert, author, and trainer, specializing in red team engagements, penetration testing, and vulnerability assessments. His main areas of focus are adversary simulation, emulation of modern adversarial tactics, techniques and procedures; vulnerability research, and exploit development.
To my wife and daughter for their continued support, patience, and encouragement, and to my parents, for without them, none of this would have been possible.
Abhinav Singh is a well-known information security researcher. He is the author of Metasploit Penetration Testing Cookbook (first and second editions) and Instant Wireshark Starter, by Packt. He is an active contributor to the security community (paper publications, articles, and blogs). His work has been quoted in several security and privacy magazines, and digital portals. He is a frequent speaker at eminent international conferences (Black Hat and RSA). His areas of expertise include malware research, reverse engineering, enterprise security, forensics, and cloud security.
I'd like to thank my grandparents for their blessings and my parents for their constant support; without them, nothing would've been possible in this world. I'd like to thank my sister for being my doctor and taking care of my fatigue level; my wife for being my constant timekeeper and a patient listener; Manchester United for teaching me the value of hard work; and Packt for helping me reach a major career milestone.
Monika Agarwal is a young Information Security Researcher from India. She has presented many research papers at both national and international conferences. She is a member of IAENG (International Association of Engineers). Her main areas of interest are ethical hacking and ad hoc networking.
I would like to thank my parents, my husband, Nikhil, and give special thanks to my father-in-law and mother-in-law for always being so supportive. And last but not the least, Packt, for giving me this opportunity.
Preface
Welcome to Metasploit Penetration Testing Cookbook, Third Edition. This book covers various recipes for performing penetration testing on different platforms using the Metasploit Framework.
The book will guide you through performing a penetration test with the Metasploit Framework while following the Penetration Testing Execution Standard (PTES). It starts with the basics of information gathering, using several auxiliary modules that help you profile your target, and gradually introduces you to advanced topics, such as porting exploits and building your own modules. It will show you how to build a penetration test lab environment, where you will learn how to find vulnerabilities by enumerating and scanning the different targets with Metasploit, how to exploit targets using server-side vulnerabilities, and how to master Meterpreter capabilities while performing post-exploitation.
You will use MSFvenom with custom encoders and trusted certificates to evade antivirus solutions, bypass firewalls, and compromise secure networks. This book will show you why client-side attacks are the number one method to compromise organizations and how to use Metasploit to mimic the same tactics and techniques used by advanced adversaries. You will learn how to work with modules, build your own modules, add exploits to the Metasploit Framework, and leverage Metasploit while performing wireless and cloud-based penetration tests. It will take your penetration testing skills to the next level by showing you how to think and act like the adversary using the most advanced penetration testing framework in the world.