Metasploit toolkit for penetration testing, exploit development, and vulnerability research / David Maynor, K.K. Mookhey.

Format:

Book

Author/Creator:

Maynor, David.

Contributor:

Mookhey, K. K.

Language:

English

Subjects (All):

Computer security.

Open source software.

Physical Description:

1 online resource (289 p.)

Edition:

1st edition

Place of Publication:

Burlington, MA : Syngress, c2007.

Language Note:

English

System Details:

text file

Summary:

This is the first book available for the Metasploit Framework (MSF), which is the attack platform of choice for one of the fastest growing careers in IT security: Penetration Testing. The book and companion Web site will provide professional penetration testers and security researchers with a fully integrated suite of tools for discovering, running, and testing exploit code.This book discusses how to use the Metasploit Framework (MSF) as an exploitation platform. The book begins with a detailed discussion of the three MSF interfaces: msfweb, msfconsole, and msfcli .This chapter demonst

Contents:

Front Cover; Metasploit Toolkit: For Penetration Testing, Exploit Development, and Vulnerability Research; Copyright Page; Contents; Admins a Vulnerability-Testing Advantage; Chapter 1. Introduction to Metasploit; Introduction; Overview: Why Is Metasploit Here?; History of Metasploit; Metasploit Core Development; Technology Overview; Leveraging Metasploit on Penetration Tests; Understanding Metasploit Channels; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 2. Architecture, Environment, and Installation; Introduction; Understanding the Soft Architecture

Configuring and Locking Down Your SystemInstallation; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 3. Metasploit Framework and Advanced Environment Configurations; Introduction; Configuration High-Level Overview; Global Datastore; Module Datastore; Saved Environment; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 4. Advanced Payloads and Add-on Modules; Introduction; Meterpreter; VNC Inject; PassiveX; Auxiliary Modules; Automating the Pen-Test; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 5. Adding New Payloads

Introduction: Why ShouldYou Care about Metasploit?Types of Payloads; Adding New Exploit Payloads; Adding New Auxiliary Payloads; Bonus: Finding 0day While Creating Different Types o f Payloads; Summary; Case Studies; Case Study 1. RaXnet Cacti Remote Command Execution; Case Study 2. Mercur Messaging 2005 SP3 IMAP Remote Buffer Overflow (CVE -2006-1255); Case Study 3. SlimFTPd String Concatenation Overflow; Case Study 4. WS-FTP Server 5.03 MKD Overflow; Case Study 5. MailEnable HTTP Authorization Header Buffer Overflow

Appendix A. Advantages of Network Vulnerability Testing with Metasploit 3.0Introduction; Vulnerability Scanning; How Metasploit Gives Sys; Summary; Appendix B. Building a Test Lab for Penetration Testing; Introduction; Some Background; Setting up a Penetration Test Lab; Types of Pentest Labs; Selecting the Right Hardware; Selecting the Right Software; Running Your Lab; Selecting a Pentest Framework; Targets in the Penetration Test Lab; Other Scenario Ideas; Summary; Appendix C. Glossary of Technology and Terminology; Index

Notes:

Description based upon print version of record.

Includes bibliographical references and index.

ISBN:

9786611112585

9781281112583

1281112585

9780080549255

008054925X

OCLC:

476126467