Tabla de Contenidos: “…Cover -- Copyright and Credits -- Dedication -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Approaching a Penetration Test Using Metasploit -- Organizing a penetration test -- Preinteractions -- Intelligence gathering/reconnaissance phase -- Threat modeling -- Vulnerability analysis -- Exploitation and post-exploitation -- Reporting -- Mounting the environment -- Setting up Kali Linux in a virtual environment -- The fundamentals of Metasploit -- Conducting a penetration test with Metasploit -- Recalling the basics of Metasploit -- Benefits of penetration testing using Metasploit -- Open source -- Support for testing large networks and natural naming conventions -- Smart payload generation and switching mechanism -- Cleaner exits -- The GUI environment -- Case study - diving deep into an unknown network -- Gathering intelligence -- Using databases in Metasploit -- Modeling threats -- Vulnerability analysis - arbitrary file upload (unauthenticated) -- Attacking mechanism on the PhpCollab 2.5.1 application -- Exploitation and gaining access -- Escalating privileges with local root exploits -- Maintaining access with Metasploit -- Post-exploitation and pivoting -- Vulnerability analysis - SEH based buffer overflow -- Exploiting human errors by compromising Password Managers -- Revisiting the case study -- Revising the approach -- Summary and exercises -- Chapter 2: Reinventing Metasploit -- Ruby - the heart of Metasploit -- Creating your first Ruby program -- Interacting with the Ruby shell -- Defining methods in the shell -- Variables and data types in Ruby -- Working with strings -- Concatenating strings -- The substring function -- The split function -- Numbers and conversions in Ruby -- Conversions in Ruby -- Ranges in Ruby -- Arrays in Ruby -- Methods in Ruby -- Decision-making operators -- Loops in Ruby…”