舉報 
會員
Mastering Metasploit
UpdatedforthelatestversionofMetasploit,thisbookwillprepareyoutofaceeverydaycyberattacksbysimulatingreal-worldscenarios.Completewithstep-by-stepexplanationsofessentialconceptsandpracticalexamples,MasteringMetasploitwillhelpyougaininsightsintoprogrammingMetasploitmodulesandcarryingoutexploitation,aswellasbuildingandportingvariouskindsofexploitsinMetasploit.Givingyoutheabilitytoperformtestsondifferentservices,includingdatabases,IoT,andmobile,thisMetasploitbookwillhelpyougettogripswithreal-world,sophisticatedscenarioswhereperformingpenetrationtestsisachallenge.You'llthenlearnavarietyofmethodsandtechniquestoevadesecuritycontrolsdeployedatatarget'sendpoint.Asyouadvance,you’llscriptautomatedattacksusingCORTANAandArmitagetoaidpenetrationtestingbydevelopingvirtualbotsanddiscoverhowyoucanaddcustomfunctionalitiesinArmitage.Followingreal-worldcasestudies,thisbookwilltakeyouonajourneythroughclient-sideattacksusingMetasploitandvariousscriptsbuiltontheMetasploit5.0framework.Bytheendofthebook,you’llhavedevelopedtheskillsyouneedtoworkconfidentlywithefficientexploitationtechniques.
目錄(116章)
倒序
- 封面
- Mastering Metasploit Fourth Edition
- Mastering Metasploit Fourth Edition
- Why subscribe?
- Contributors About the author
- About the reviewers
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Section 1 – Preparation and Development
- Chapter 1: Approaching a Penetration Test Using Metasploit
- Technical requirements
- Organizing a penetration test
- Mounting the environment
- The fundamentals of Metasploit
- Conducting a penetration test with Metasploit
- Benefits of penetration testing using Metasploit
- Case study – reaching the domain controller
- Revisiting the case study
- Summary
- Chapter 2: Reinventing Metasploit
- Technical requirements
- Ruby – the heart of Metasploit
- Understanding Metasploit modules
- Developing an auxiliary – the FTP scanner module
- Developing an auxiliary—the SSH brute force module
- Developing post-exploitation modules
- Post-exploitation with RailGun
- Summary
- Chapter 3: The Exploit Formulation Process
- Technical requirements
- The absolute basics of exploitation
- Exploiting a stack overflow vulnerability with Metasploit
- Exploiting SEH-based buffer overflows with Metasploit
- Bypassing DEP in Metasploit modules
- Other protection mechanisms
- Summary
- Chapter 4: Porting Exploits
- Technical requirements
- Importing a stack-based buffer overflow exploit
- Importing a web-based RCE exploit into Metasploit
- Importing TCP server/browser-based exploits into Metasploit
- Summary
- Section 2 – The Attack Phase
- Chapter 5: Testing Services with Metasploit
- Technical requirements
- The fundamentals of testing SCADA systems
- Database exploitation
- Testing VOIP services
- Summary
- Chapter 6: Virtual Test Grounds and Staging
- Technical requirements
- Performing a penetration test with integrated Metasploit services
- Generating manual reports
- Summary
- Chapter 7: Client-Side Exploitation
- Technical requirements
- Exploiting browsers for fun and profit
- Compromising the clients of a website
- Metasploit and Arduino – the deadly combination
- File format-based exploitation
- Attacking Android with Metasploit
- Summary
- Section 3 – Post-Exploitation and Evasion
- Chapter 8: Metasploit Extended
- Technical requirements
- Basic Windows post-exploitation commands
- Windows versus Linux basic post-exploitation commands
- Advanced Windows post-exploitation modules
- Advanced multi-OS extended features of Metasploit
- Privilege escalation with Metasploit
- Summary
- Chapter 9: Evasion with Metasploit
- Technical requirements
- Evading Meterpreter detection using C wrappers and custom encoders
- Evading Meterpreter with Python
- Evading intrusion detection systems with Metasploit
- Bypassing Windows firewall blocked ports
- Summary
- Chapter 10: Metasploit for Secret Agents
- Technical requirements
- Maintaining anonymity in Meterpreter sessions using proxy and HOP payloads
- Maintaining access using search order hijacking in standard software
- Harvesting files from target systems
- Using Venom for obfuscation
- Covering tracks with anti-forensics modules
- Summary
- Chapter 11: Visualizing Metasploit
- Technical requirements
- Kage for Meterpreter sessions
- Automated exploitation using Armitage
- Red teaming with the Armitage team server
- Scripting Armitage
- Summary
- Chapter 12: Tips and Tricks
- Technical requirements
- Automation using the Minion script
- Using connect instead of Netcat
- Shell upgrades and background sessions
- Naming conventions
- Saving configurations in Metasploit
- Using inline handler and renaming jobs
- Running commands on multiple Meterpreters
- Automating the Social Engineering Toolkit
- Cheat sheets for Metasploit and penetration testing
- Summary
- Further reading
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時間:2021-06-30 14:51:15
推薦閱讀
- 實用口腔正畸臨床技術圖譜
- 動態對比增強磁共振成像
- 運動學(第二版)
- 膜性概念神經外科學
- 常見惡性腫瘤治療原則與實施方案
- 骨骼肌靜力性負荷所致損傷機理的研究
- Android Studio 4.0 Development Essentials(Java Edition)
- 針灸學基本概念術語通典(上下冊)
- 龍層花健脊防癌方案
- 神經系統疾病與精神障礙
- 病人家屬,請來一下(譯文科學)
- 深井效應
- 視神經疾病中西醫結合診治(第2版)
- 干燥綜合征
- 國醫大師孫光榮“中和”思想與臨證經驗集萃
- Hands-On High Performance Programming with Qt 5
- 中西醫結合眼科學
- 甲狀腺惡性腫瘤超聲及病理圖譜
- 同仁鼻咽喉影像學
- 上消化道超聲內鏡實用診療手冊
- 國民視覺健康報告
- 連續性腎臟替代治療
- 實用精神科疾病診療與護理實踐
- 口腔門診麻醉并發癥及處理
- 喳星人都有焦慮癥
- Learn Python by Building Data Science Applications
- 案析鼻腔鼻竇腫瘤診治
- 中國睡眠醫學中心標準化建設指南
- 病毒性肝炎診療及管理
- 結直腸癌多學科綜合診療
