Metasploit: The Penetration Tester’s Guide

The free and open source Metasploit Framework is the most popular suite of penetration testing tools in the world, with more than one million downloads yearly.

Metasploit: The Penetration Tester’s Guide teaches readers how to identify vulnerabilities in networks by using Metasploit to launch simulated attacks. The book’s authors, acknowledged Metasploit gurus, begin by building a foundation for penetration testing and establishing a methodology.

From there, they explain the Framework’s conventions, interfaces, and module system, and then move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, devastating wireless attacks, and targeted social-engineering attacks.

This book shows penetration testers how to:

• Find exploits in unmaintained, misconfigured, and unpatched systems
• Perform reconnaissance and find valuable information about a target
• Bypass antivirus technologies and circumvent security controls
• Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
• Use the Meterpreter shell to launch attacks from inside a network
• Harness stand-alone Metasploit utilities, third-party tools, and plug-ins
• Learn how to write Meterpreter post exploitation modules and scripts.