Metasploit Penetration testing cookbook : evade antiviruses, bypass firewalls, and exploit complex environments with the most widely used penetration testing framework / Daniel Teixeira, Abhinav Singh, Nipun Jaswal.

Ebook Central Academic Complete Available online

O'Reilly Online Learning: Academic/Public Library Edition Available online

Format:
Book
Author/Creator:
Teixeira, Daniel, author.
Singh, Abhinav, author.
Jaswal, Nipun, author.
Language:
English
Subjects (All):
Metasploit (Electronic resource).
Computers--Access control.
Computers.
Physical Description:
1 online resource (389 pages)
Edition:
Third edition.
Place of Publication:
Birmingham, [England] ; Mumbai, [India] : Packt Publishing, 2018.
System Details:
text file
Summary:
Over 100 recipes for penetration testing using Metasploit and virtual machines

About This Book
Special focus on the latest operating systems, exploits, and penetration testing techniques
Learn new anti-virus evasion techniques and use Metasploit to evade countermeasures
Automate post exploitation with AutoRunScript
Exploit Android devices, record audio and video, send and read SMS, read call logs, and much more
Build and analyze Metasploit modules in Ruby
Integrate Metasploit with other penetration testing tools

Who This Book Is For
If you are a Security professional or pentester and want to get into vulnerability exploitation and make the most of the Metasploit framework, then this book is for you. Some prior understanding of penetration testing and Metasploit is required.

What You Will Learn
Set up a complete penetration testing environment using Metasploit and virtual machines
Master the world's leading penetration testing tool and use it in professional penetration testing
Make the most of Metasploit with PostgreSQL, importing scan results, using workspaces, hosts, loot, notes, services, vulnerabilities, and exploit results
Use Metasploit with the Penetration Testing Execution Standard methodology
Use MSFvenom efficiently to generate payloads and backdoor files, and create shellcode
Leverage Metasploit's advanced options, upgrade sessions, use proxies, use Meterpreter sleep control, and change timeouts to be stealthy

In Detail
Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports. In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool. You will begin by building your lab environment, setting up Metasploit, and learning ho...
Contents:
Cover
Copyright and Credits
Contributors
Packt Upsell
Table of Contents
Preface
Chapter 1: Metasploit Quick Tips for Security Professionals
Introduction
Installing Metasploit on Windows
Getting ready
How to do it...
Installing Linux and macOS
Installing Metasploit on macOS
Using Metasploit in Kali Linux
There's more...
Upgrading Kali Linux
Setting up a penetration-testing lab
How it works...
Setting up SSH connectivity
Connecting to Kali using SSH
Configuring PostgreSQL
Creating workspaces
Using the database
Using the hosts command
Understanding the services command
Chapter 2: Information Gathering and Scanning
Passive information gathering with Metasploit
DNS Record Scanner and Enumerator
CorpWatch Company Name Information Search
Search Engine Subdomains Collector
Censys Search
Shodan Search
Shodan Honeyscore Client
Search Engine Domain Email Address Collector
Active information gathering with Metasploit
TCP Port Scanner
TCP SYN Port Scanner
Port scanning-the Nmap way
Operating system and version detection
Increasing anonymity
Port scanning-the db_nmap way
Nmap Scripting Engine
Host discovery with ARP Sweep
UDP Service Sweeper
SMB scanning and enumeration
How to do it...
Detecting SSH versions with the SSH Version Scanner
FTP scanning
SMTP enumeration
SNMP enumeration
HTTP scanning
WinRM scanning and brute forcing
Integrating with Nessus
Integrating with NeXpose
Integrating with OpenVAS
Chapter 3: Server-Side Exploitation
Getting to know MSFconsole
MSFconsole commands
Exploiting a Linux server
What about the payload?
SQL injection
Types of shell
Exploiting a Windows Server machine
Exploiting common services
How to do it
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
MS17-010 EternalRomance/EternalSynergy/EternalChampion
Installing backdoors
Denial of Service
Chapter 4: Meterpreter
Understanding the Meterpreter core commands
Understanding the Meterpreter filesystem commands
Understanding Meterpreter networking commands
Understanding the Meterpreter system commands
Setting up multiple communication channels with the target
How it works...
Meterpreter anti-forensics
The getdesktop and keystroke sniffing
Using a scraper Meterpreter script
Scraping the system using winenum
Automation with AutoRunScript
Meterpreter resource scripts
Meterpreter timeout control
Meterpreter sleep control
Meterpreter transports
Interacting with the registry
Loading framework plugins
Meterpreter API and mixins
Railgun-converting Ruby into a weapon
Adding DLL and function definitions to Railgun
Injecting the VNC server remotely
Enabling Remote Desktop
Chapter 5: Post-Exploitation
Post-exploitation modules
Bypassing UAC
Dumping the contents of the SAM database
Passing the hash
Incognito attacks with Meterpreter
Using Mimikatz
Setting up a persistence with backdoors
Becoming TrustedInstaller
Backdooring Windows binaries
Pivoting with Meterpreter
Port forwarding with Meterpreter
Credential harvesting
Enumeration modules
Autoroute and socks proxy server
Analyzing an existing post-exploitation module
Writing a post-exploitation module
Chapter 6: Using MSFvenom
Payloads and payload options
Encoders
Output formats
Templates
Meterpreter payloads with trusted certificates
Chapter 7: Client-Side Exploitation and Antivirus Bypass
Exploiting a Windows 10 machine
Bypassing antivirus and IDS/IPS
Metasploit macro exploits
Human Interface Device attacks
HTA attack
Backdooring executables using a MITM attack
Creating a Linux trojan
Creating an Android backdoor
Chapter 8: Social-Engineer Toolkit
Getting started with the Social-Engineer Toolkit
Working with the spear-phishing attack vector
Website attack vectors
Working with the multi-attack web method
Infectious media generator
Chapter 9: Working with Modules for Penetration Testing
Working with auxiliary modules
How to do it...
DoS attack modules
HTTP
SMB
Understanding the basics of module building
Analyzing an existing module
Building your own post-exploitation module
Building your own auxiliary module
Chapter 10: Exploring Exploits
Common exploit mixins
Exploiting the module structure
Using MSFvenom to generate shellcode
Converting an exploit to a Metasploit module
Porting and testing the new exploit module
Fuzzing with Metasploit
Writing a simple fuzzer
Chapter 11: Wireless Network Penetration Testing
Metasploit and wireless
Understanding an evil twin attack
Configuring Karmetasploit
Wireless MITM attacks
SMB relay attacks
Chapter 12: Cloud Penetration Testing
Metasploit in the cloud
Metasploit PHP Hop
Phishing from the cloud
Setting up a cloud penetration testing lab
Chapter 13: Best Practices
Best practices
Guided partitioning with encrypted LVM
Using Metasploit over the Tor network
Getting ready
How to do it...
Notes:
Includes index.
Description based on online resource; title from PDF title page (EBC, viewed March 22, 2018).
OCLC:
1028227328