Text
Metasploit: the penetration tester's guide
CONTENT
1 THE ABSOLUTE BASICS OF PENETRATION TESTING
THE PHASES OF THE PTES
TYPES OF PENETRATION TESTS
VULNERABILITY SCANNERS
PULLING IT ALL TOGETHER
2 METASPLOIT BASICS
TERMINOLOGY
METASPLOIT INTERFACES
METASPLOIT UTILITIES
METASPLOIT EXPRESS AND METASPLOIT PRO
WRAPPING UP
3 INTELLIGENCE GATHERING
PASSIVE INFORMATION GATHERING
TARGETED SCANNING
WRITING A CUSTOM SCANNER
LOOKING AHEAD
4 VULNERABILITY SCANNING
THE BASIC VULNERABILITY SCAN
SCANNING WITH NEXPOSE
SANNING WITH NESSUS
SPECIALITY VULNERABILITY SCANNERS
5 THE JOY OF EXPLOITATION
BASIC EXPLOITATION
EXPLOITING YOUR FIRST MACHINE
EXPLOITING AN UBUNTU MACHINE
ALL-PORTS PAYLOADS : BRUTE FORCING PORTS
RESOURCE FILES
WRAPPING UP
6 METERPRETER
COMPROMISING A WINDOWS XP VITRUAL MACHINE
DUMPING USERNAMES AND PASSWORD
PASS THE HASH
PRIVILEGE ESCALATION
TOKEN IMPERSONATION
USING PS
PRIVOTING ONTO OTHER SYSTEMS
USING METERPRETER SCRIPTS
LEVERAGING POST EXPLOITATION MODULES
UPGRADING YOUR COMMAND SHELL TO METERPRETER
MANIPULATING WINDOWS APLS WITH THE RAILGUN ADD-ON
WRAPPING UP
7 AVOIDING DETECTION
CREATING STAND-ALONE BINARIES WITH MSFPAYLOAD
EVADING ANTIVIRUS DETECTION
CUSTOM EXECUTABLE TEMPLATES
LAUNCHING A PAYLOAD STEALTHILY
POCKERS
A FINAL NOTE ON ANTIVIRUS SOFTWARE EVASION
8 EXPLOITATION USING CLIENSIDE ATTACKS
BROWSER-BASED EXPLOITS
USING IMMUNITY DEBBUGGER TO DECIPHER NOP SHELLCODE
EXPLORING THE INTERNETEXPLORER AURORA EXPLOIT
FILE FORMAT EXPLOITS
SENDING THE PAYLOARD
WRAPPING UP
9 METASPLOIT AUXILIARY MODULES
AUXILIARY MODULES IN USE
ANATOMY OF AN AUXILIARY MODULE
GOING FORWARD
10 THE SOCIAL-ENGINEER TOOLKIT
CONFIGURING THE SOCIAL-ENGINEER TOOLKIT
SPEAR-PHISHING ATTACK VECTOR
WEB ATTACK VECTORS
INFECTIOUS MEDIA GENERATOR
TEENSY USB HID ATTACK VECTOR
ADDITIONAL SET FEATURES
LOOKING AHEAD
11 FAST-TRACK
MICROSOFT SQL INJECTION
BINARY-TO-HEX GENERATOR
MASS CLIENT-SIDE ATTACK
A FEW WORDS ABOUT AUTOMATION
12 KARMETASPLOIT
CONFIGURATION
LAUNCHING THE ATTACK
CREDENTIAL HARVESTING
GETTING A SHELL
WRAPPING UP
13 BUILDING YOUR OWN MODULE
GETTING COMMAND EXCUTION ON MICROSOFT SQL
EXPLORING AN EXISTING METASPLOIT MODULE
CREATING A NEW MODULE
THE POWER OF CODE REUSE
14 CREATING YOUR OWN EXPLOITA
THE ART OF FUZZING
CONTROLLING THE STRUCTURED EXCEPTION HANDLER
HOPPING AROUND SEH RESTRICTIONS
GETTING A RETURN ADDRESS
BAD CHARACTERS AND REMOTE CODE EXECUTION
WRAPPING UP
15 PORTING EXPLOITS TO THE METASPLOIT FRAMEWWORK
ASSEMBLY LANGUAGE BASICS
PORTING A BUFFER OVERFLOW
SEH OVERWRITE EXPLOITING
WRAPPING UP
16 METERPRETER SCRIPTING
METERPRETER SCRIPTING BASICS
METERPRETER API
RULES FOR WRITING METERPRETER SCRIPTS
CREATING YOUR OWN METERPRETER SCRIPT
WRAPPING UP
17 SIMULATED PENETRATION TEST
PRE-ENGAGEMENT INTERACTIONS
INTELLIGENCE GATHERING
THREAT MODELING
EXPLOITATION
CUSTOMIZING MSFCONSOLE
POST EXPLOITIATION
ATTACKING APACHE TOMCAT
ATTACKING OBSCURE SERVICES
COVERING YOUR TRACKS
WRAPPING UP
Availability
Detail Information
- Series Title
-
--
- Call Number
-
004 KEN M
- Publisher
- San Fransisco : no Start Press., 2011
- Collation
-
xxiv, 304 hlm.; ilus.; 24 cm
- Language
-
English
- ISBN/ISSN
-
9781593272883
- Classification
-
004
- Content Type
-
-
- Media Type
-
-
- Carrier Type
-
-
- Edition
-
--
- Subject(s)
-
-
- Specific Detail Info
-
--
- Statement of Responsibility
-
David Kennedy (et al)
Other version/related
No other version available
File Attachment
Comments
You must be logged in to post a comment
Computer Science, Information & General Works 
Philosophy & Psychology 
Religion 
Social Sciences 
Language 
Pure Science 
Applied Sciences 
Art & Recreation 
Literature 
History & Geography