Metasploit Penetration Testing Cookbook(Third Edition)
Daniel Teixeira Abhinav Singh Monika Agarwal更新时间:2021-06-24 19:20:42
最新章节:Leave a review - let other readers know what you thinkcoverpage
Title Page
Contributors
About the authors
Packt is searching for authors like you
Packt Upsell
Why subscribe?
PacktPub.com
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Sections
Getting ready
How to do it…
How it works…
There's more…
Get in touch
Reviews
Disclaimer
Metasploit Quick Tips for Security Professionals
Introduction
Installing Metasploit on Windows
Getting ready
How to do it...
Installing Linux and macOS
How to do it...
Installing Metasploit on macOS
How to do it...
Using Metasploit in Kali Linux
Getting ready
How to do it...
There's more...
Upgrading Kali Linux
Setting up a penetration-testing lab
Getting ready
How to do it...
How it works...
Setting up SSH connectivity
Getting ready
How to do it...
Connecting to Kali using SSH
How to do it...
Configuring PostgreSQL
Getting ready
How to do it...
There's more...
Creating workspaces
How to do it...
Using the database
Getting ready
How to do it...
Using the hosts command
How to do it...
Understanding the services command
How to do it...
Information Gathering and Scanning
Introduction
Passive information gathering with Metasploit
Getting ready
How to do it...
DNS Record Scanner and Enumerator
There's more...
CorpWatch Company Name Information Search
Search Engine Subdomains Collector
Censys Search
Shodan Search
Shodan Honeyscore Client
Search Engine Domain Email Address Collector
Active information gathering with Metasploit
How to do it...
TCP Port Scanner
TCP SYN Port Scanner
Port scanning—the Nmap way
Getting ready
How to do it...
How it works...
There's more...
Operating system and version detection
Increasing anonymity
Port scanning—the db_nmap way
Getting ready
How to do it...
Nmap Scripting Engine
Host discovery with ARP Sweep
Getting ready
How to do it...
UDP Service Sweeper
How to do it...
SMB scanning and enumeration
How to do it...
Detecting SSH versions with the SSH Version Scanner
Getting ready
How to do it...
FTP scanning
Getting ready
How to do it...
SMTP enumeration
Getting ready
How to do it...
SNMP enumeration
Getting ready
How to do it...
HTTP scanning
Getting ready
How to do it...
WinRM scanning and brute forcing
Getting ready
How to do it...
Integrating with Nessus
Getting ready
How to do it...
Integrating with NeXpose
Getting ready
How to do it...
Integrating with OpenVAS
How to do it...
Server-Side Exploitation
Introduction
Getting to know MSFconsole
MSFconsole commands
Exploiting a Linux server
Getting ready
How to do it...
How it works...
What about the payload?
SQL injection
Getting ready
How to do it...
Types of shell
Getting ready
How to do it...
Exploiting a Windows Server machine
Getting ready
How to do it...
Exploiting common services
Getting ready
How to do it
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
Getting ready
How to do it...
MS17-010 EternalRomance/EternalSynergy/EternalChampion
How to do it...
Installing backdoors
Getting ready
How to do it...
Denial of Service
Getting ready
How to do it...
How to do it...
Meterpreter
Introduction
Understanding the Meterpreter core commands
Getting ready
How to do it...
How it works...
Understanding the Meterpreter filesystem commands
How to do it...
How it works...
Understanding Meterpreter networking commands
Getting ready
How to do it...
How it works...
Understanding the Meterpreter system commands
How to do it...
Setting up multiple communication channels with the target
Getting ready
How to do it...
How it works...
Meterpreter anti-forensics
Getting ready
How to do it...
How it works...
There's more...
The getdesktop and keystroke sniffing
Getting ready
How to do it...
There's more...
Using a scraper Meterpreter script
Getting ready
How to do it...
How it works...
Scraping the system using winenum
How to do it...
Automation with AutoRunScript
How to do it...
Meterpreter resource scripts
How to do it...
Meterpreter timeout control
How to do it...
Meterpreter sleep control
How to do it...
Meterpreter transports
How to do it...
Interacting with the registry
Getting ready
How to do it...
Loading framework plugins
How to do it...
Meterpreter API and mixins
Getting ready
How to do it...
How it works...
Railgun—converting Ruby into a weapon
Getting ready
How to do it...
How it works...
There's more...
Adding DLL and function definitions to Railgun
How to do it...
How it works...
Injecting the VNC server remotely
Getting ready
How to do it...
Enabling Remote Desktop
How to do it...
How it works...
Post-Exploitation
Introduction
Post-exploitation modules
Getting ready
How to do it...
How it works...
How to do it...
How it works...
Bypassing UAC
Getting ready
How to do it...
Dumping the contents of the SAM database
Getting ready
How to do it...
Passing the hash
How to do it...
Incognito attacks with Meterpreter
How to do it...
Using Mimikatz
Getting ready
How to do it...
There's more...
Setting up a persistence with backdoors
Getting ready
How to do it...
Becoming TrustedInstaller
How to do it...
Backdooring Windows binaries
How to do it...
Pivoting with Meterpreter
Getting ready
How to do it...
How it works...
Port forwarding with Meterpreter
Getting ready
How to do it...
Credential harvesting
How to do it...
Enumeration modules
How to do it...
Autoroute and socks proxy server
How to do it...
Analyzing an existing post-exploitation module
Getting ready
How to do it...
How it works...
Writing a post-exploitation module
Getting ready
How to do it...
Using MSFvenom
Introduction
Payloads and payload options
Getting ready
How to do it...
Encoders
How to do it...
There's more...
Output formats
How to do it...
Templates
Getting ready
How to do it...
Meterpreter payloads with trusted certificates
Getting ready
How to do it...
There's more...
Client-Side Exploitation and Antivirus Bypass
Introduction
Exploiting a Windows 10 machine
Getting ready
How to do it...
Bypassing antivirus and IDS/IPS
How to do it...
Metasploit macro exploits
How to do it...
There's more...
Human Interface Device attacks
Getting ready
How to do it...
HTA attack
How to do it...
Backdooring executables using a MITM attack
Getting ready
How to do it...
Creating a Linux trojan
How to do it...
Creating an Android backdoor
Getting ready
How to do it...
There's more...
Social-Engineer Toolkit
Introduction
Getting started with the Social-Engineer Toolkit
Getting ready
How to do it...
How it works...
Working with the spear-phishing attack vector
How to do it...
Website attack vectors
How to do it...
Working with the multi-attack web method
How to do it...
Infectious media generator
How to do it...
How it works...
Working with Modules for Penetration Testing
Introduction
Working with auxiliary modules
Getting ready
How to do it...
DoS attack modules
How to do it...
HTTP
SMB
Post-exploitation modules
Getting ready
How to do it...
Understanding the basics of module building
How to do it...
Analyzing an existing module
Getting ready
How to do it...
Building your own post-exploitation module
Getting ready
How to do it...
Building your own auxiliary module
Getting ready
How to do it...
Exploring Exploits
Introduction
Common exploit mixins
How to do it...
Exploiting the module structure
Getting ready
How to do it...
How it works...
Using MSFvenom to generate shellcode
Getting ready
How to do it...
Converting an exploit to a Metasploit module
Getting ready
How to do it...
Porting and testing the new exploit module
Getting ready
How to do it...
Fuzzing with Metasploit
Getting ready
How to do it...
Writing a simple fuzzer
How to do it...
How it works...
Wireless Network Penetration Testing
Introduction
Getting ready
Metasploit and wireless
How to do it...
Understanding an evil twin attack
Getting ready
How to do it...
Configuring Karmetasploit
Getting ready
How to do it...
Wireless MITM attacks
Getting ready
How to do it...
SMB relay attacks
How to do it...
There's more...
Cloud Penetration Testing
Introduction
Metasploit in the cloud
Getting ready
How to do it...
There's more...
Metasploit PHP Hop
Getting ready
How to do it...
Phishing from the cloud
Getting ready
How to do it...
Setting up a cloud penetration testing lab
How to do it...
There's more...
Best Practices
Introduction
Best practices
How to do it...
Guided partitioning with encrypted LVM
Using Metasploit over the Tor network
Getting ready
How to do it...
Metasploit logging
How to do it...
There's more...
Documentation
How to do it...
Cleaning up
How to do it...
Other Books You May Enjoy
Leave a review - let other readers know what you think
更新时间:2021-06-24 19:20:42