Jaswal - Mastering Metasploit

Nipun Jaswal is an independent information security specialist with a keen interest in the fields of penetration testing, vulnerability assessments, wireless penetration testing, forensics, and web application penetration testing. He is an MTech in Computer Science from Lovely Professional University, India, and is certified with C|EH and OSWP. While he was at the university, he was the student ambassador of EC-COUNCIL and worked with many security organizations along with his studies. He has a proven track record in IT security training and has trained over 10,000 students and over 2,000 professionals in India and Africa. He is a professional speaker and has spoken at various national and international IT security conferences. His articles are published in many security magazines, such as Hakin9, eforensics, and so on. He is also the developer of a web application penetration testing course for InSecTechs Pvt. Ltd., Hyderabad, India, which is a distance-learning package on testing web applications. He has been acknowledged for finding vulnerabilities in Rapid7, BlackBerry, Facebook, PayPal, Adobe, Kaneva, Barracuda labs, Zynga, Offensive Security, Apple, Microsoft, AT&T, Nokia, Red Hat Linux, CERT-IN, and is also part of the AT&T top 10 security researcher's list for 2013, Q2. Feel free to mail him via < for more information.

I would like to thank my mother for helping me out at every critical stage in my life; Mr. Youssef Rebahi-Gilbert for all his support and innovative ideas; Mr. Joel Langill, Dr. Maninder Singh, Mr. Sagar A Rahalkar, Mr. Krishan P Singh, and Mr. Kubilay Onur Gungor for taking the time to review my work and helping me out at every stage; Mr. Gurpreet Singh and the other authorities from Lovely Professional University for their seamless support; Ms. Swati Kumari, Mr. James Jones, Mr. Akshay Nair, and Mr. Kapil Hemnani from Packt Publishing for being an excellent team and helping me out at every stage of the writing process; the entire team at Packt Publishing for giving me this opportunity to work on this wonderful project; and last but not least, to the Almighty God for giving me immense power to work on this project.

Youssef Rebahi-Gilbert started hacking at the age of five on a Commodore 64 way back in 1984. He is a sought-after expert for code audits of web applications and has a lot of experience in many aspects of information security and extensive experience in Computer Science in general. Besides Ruby and Metasploit, he likes the nature of SQL injections, assembly, and hardware hacking too.

Whenever there's time, he creates evolutionary programs to find new ways to paint pictures of his beautiful girlfriend: his love and the mother of their little girl. To circumvent becoming a nerd, he took acting and comedy classes, which made him the professional actor and instructor that he is today. His technical knowledge, combined with his acting skills, makes him the perfect social engineerhis new field of research.

In May 2014, he'll start working as a penetration tester at a European CERT. He's very open to new contacts; feel free to mail him via < for security-related material.

Kubilay Onur Gungor has been working in the IT security field for more than seven years. He started his professional security career with cryptanalysis of encrypted images using chaotic logistic maps. He gained experience in the network security field by working in the Data Processing Center of Isik University where he founded the Information Security and Research Society. After working as a QA tester in Netsparker Project, he continued his career in the penetration testing field with one of the leading security companies in Turkey. He performed many penetration tests and consultancies for the IT infrastructure of several large clients, such as banks, government institutions, and telecommunication companies.

Currently, he is working in the Incident Management Team with one of the leading multinational electronic companies to develop incident prevention, detection and response, and the overall cyber security strategy.

He has also been developing a multidisciplinary cyber security approach, including criminology, information security, perception management, social psychology, international relations, and terrorism.

He has participated in many conferences as a frequent speaker. Besides Computer Engineering, he is continuing his academic career in the field of Sociology (BA).

Besides security certificates, he holds the Foreign Policy, Marketing and Brand Management, and Surviving Extreme Conditions certificates. He also took certified training in the field of international relations and terrorism/counter-terrorism.

I would like to thank my family, which includes Nursen Gungor, Gizem Gungor, and Mehmet Ali Gungor, for their huge support during my walks through my dreams.

Sagar A Rahalkar is a seasoned information security professional with more than seven years of comprehensive experience in various verticals of IS. His domain of expertise is mainly in cyber crime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, IT GRC, and so on. He holds a master's degree in Computer Science and several industry-recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker (C|EH), Certified Security Analyst (ECSA), ISO 27001 Lead Auditor, IBM-certified Specialist-Rational AppScan, Certified Information Security Manager (CISM), PRINCE2, and so on. He has been closely associated with Indian law enforcement agencies for over three years, dealing with digital crime investigations and related training, and has received several awards and appreciations from senior officials from the police and defense organizations in India.