Metasploit toolkit for penetration testing, exploit development, and vulnerability research
This is the first book available for the Metasploit Framework (MSF), which is the attack platform of choice for one of the fastest growing careers in IT security: Penetration Testing. The book and companion Web site will provide professional penetration testers and security researchers with a fully...
| Autor principal: | |
|---|---|
| Otros Autores: | |
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Burlington, MA :
Syngress
c2007.
|
| Edición: | 1st edition |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627127806719 |
Tabla de Contenidos:
- Front Cover; Metasploit Toolkit: For Penetration Testing, Exploit Development, and Vulnerability Research; Copyright Page; Contents; Admins a Vulnerability-Testing Advantage; Chapter 1. Introduction to Metasploit; Introduction; Overview: Why Is Metasploit Here?; History of Metasploit; Metasploit Core Development; Technology Overview; Leveraging Metasploit on Penetration Tests; Understanding Metasploit Channels; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 2. Architecture, Environment, and Installation; Introduction; Understanding the Soft Architecture
- Configuring and Locking Down Your SystemInstallation; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 3. Metasploit Framework and Advanced Environment Configurations; Introduction; Configuration High-Level Overview; Global Datastore; Module Datastore; Saved Environment; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 4. Advanced Payloads and Add-on Modules; Introduction; Meterpreter; VNC Inject; PassiveX; Auxiliary Modules; Automating the Pen-Test; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 5. Adding New Payloads
- Introduction: Why ShouldYou Care about Metasploit?Types of Payloads; Adding New Exploit Payloads; Adding New Auxiliary Payloads; Bonus: Finding 0day While Creating Different Types o f Payloads; Summary; Case Studies; Case Study 1. RaXnet Cacti Remote Command Execution; Case Study 2. Mercur Messaging 2005 SP3 IMAP Remote Buffer Overflow (CVE -2006-1255); Case Study 3. SlimFTPd String Concatenation Overflow; Case Study 4. WS-FTP Server 5.03 MKD Overflow; Case Study 5. MailEnable HTTP Authorization Header Buffer Overflow
- Appendix A. Advantages of Network Vulnerability Testing with Metasploit 3.0Introduction; Vulnerability Scanning; How Metasploit Gives Sys; Summary; Appendix B. Building a Test Lab for Penetration Testing; Introduction; Some Background; Setting up a Penetration Test Lab; Types of Pentest Labs; Selecting the Right Hardware; Selecting the Right Software; Running Your Lab; Selecting a Pentest Framework; Targets in the Penetration Test Lab; Other Scenario Ideas; Summary; Appendix C. Glossary of Technology and Terminology; Index
