Abhinav Singh. - Metasploit Penetration Testing Cookbook

Monika Agarwal is a young Information Security Researcher from India. She has presented many research papers at both national and international conferences. She is a member of IAENG (International Association of Engineers). Her main areas of interest are ethical hacking and ad hoc networking.

I would like to thank my parents, my husband, Nikhil, and give special thanks to my father-in-law and mother-in-law for always being so supportive. And last but not the least, Packt Publishing, for giving me this opportunity.

Abhinav Singh is a young Information Security Specialist from India. He has a keen interest in the field of Hacking and Network Security. He actively works as a freelancer with several security companies, and provides them consultancy. Currently, he is employed as a Systems Engineer at Tata Consultancy Services, India. He is an active contributor of the SecurityXploded community. He is well recognized for his blog (http://hackingalert.blogspot.com), where he shares his encounters with hacking and network security. Abhinav's works have been quoted in several technology magazines and portals.

I would like to thank my parents, for always being supportive and letting me do what I want; my sister, for being my doctor and taking care of my fatigue level, Sachin Raste sir, for taking the pain to review my work; and Kanishka Khaitan, for being my perfect role model. I would also like to thank my blog followers for their comments and suggestions, and last but not the least, to Packt Publishing, for making this a memorable project for me.

Conrad Brown started his career in the IT field at a small print shop, helping the IT support team with daily tasks. From there, he developed a passion for IT Security and Systems Engineering. He currently works as a System Engineer for the United States Federal Government, where he has won awards for his work. He found the Southern Maryland Hacker Space and is the Lead Technical Writer for Lokisec.com. When not working on any of these projects, he helps local small businesses by securing their IT infrastructure.

Sagar A. Rahalkar is a seasoned Information Security Professional, having close to 7 years of comprehensive experience in various verticals of I.S, such as Cyber Crime Investigations, Digital Forensics, Application Security, Vulnerability Assessment and Penetration Testing, Compliance for Mandates and Regulations, and so on. He holds a Master's degree in Computer Science, and several industry recognized certifications, such as a Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM Certified Specialist, Rational AppScan, Certified Information Security Manager (CISM), and more. He has been closely associated with Indian Law Enforcement agencies for more than three years, dealing with digital crime investigations and related trainings, and received several awards and appreciations from senior officials of Police and Defense organizations in India. He is also associated with several online Information Security publications, both as an author, as well as a reviewer. He can be reached at <>.

www.PacktPub.com

Support files, eBooks, discount offers and more

You might want to visit www.PacktPub.com for support files and downloads related to your book.

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at > for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

http://PacktLib.PacktPub.com

Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can access, read and search across Packt's entire library of books.

Why Subscribe?

• Fully searchable across every book published by Packt
• Copy and paste, print and bookmark content
• On demand and accessible via web browser

Free Access for Packt account holders

If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view nine entirely free books. Simply use your login credentials for immediate access.

Preface

Welcome to Metasploit Penetration Testing Cookbook, Second Edition . This book covers various recipes of performing penetration testing over different platforms (including a Wireless network and VoIP) using BackTrack 5 R3. The book starts with the basics of gathering information about your target and gradually covers advanced topics, such as building your own framework scripts and modules.

The book goes deep into operating-systems-based penetration testing techniques and moves ahead with client-based exploitation methodologies. In the post-exploitation phase, it covers Meterpreter, antivirus bypassing, Ruby wonders, exploit building, porting exploits to framework, and pentesting while dealing with VoIP, Wireless, and so on. This book will help readers in thinking from a hacker's perspective, to dig out the flaws in target networks and also to leverage the powers of Metasploit to compromise them. It will take your penetration skills to the next level. It covers advanced Meterpreter usage for token impersonation and WinAPI manipulation, ESPIA, Incognito attack, injecting the VNC server remotely, exploiting vulnerable PHP applications, and much more.