finelybook
Metasploit, 2nd Edition
Author(s): David Kennedy (Author), Mati Aharoni (Author), Devon Kearns (Author), Jim O’Gorman (Author), Daniel G. Graham (Author)
- Publisher finelybook 出版社: No Starch Press
- Publication Date 出版日期: January 28, 2025
- Edition 版本: 2nd
- Language 语言: English
- Print length 页数: 288 pages
- ISBN-10: 1718502982
- ISBN-13: 9781718502987
Book Description
Written by renowned ethical hackers and industry experts, this fully updated second edition includes:
- Advanced Active Directory and cloud penetration testing
- Modern evasion techniques and payload encoding
- Malicious document generation for client-side exploitation
- Coverage of recently added modules and commands
Starting with Framework essentials—exploits, payloads, Meterpreter, and auxiliary modules—you’ll progress to advanced methodologies aligned with the Penetration Test Execution Standard (PTES). Through real-world examples and simulated penetration tests, you’ll:
- Conduct network reconnaissance and analyze vulnerabilities
- Execute wireless network and social engineering attacks
- Perform post-exploitation techniques, including privilege escalation
- Develop custom modules in Ruby and port existing exploits
- Use MSFvenom to evade detection
- Integrate with Nmap, Nessus, and the Social-Engineer Toolkit
Whether you’re a cybersecurity professional, ethical hacker, or IT administrator, this second edition of Metasploit: The Penetration Tester’s Guide is your key to staying ahead in the ever-evolving threat landscape.
Editorial Reviews
Review
—Help Net Security
“This is an excellent book to help familiarize testers with one of the most popular security tools ever created. It will help guide you through familiar concepts and how they integrate into the broader security framework of Metasploit. An absolutely fantastic addition to any penetration tester’s bookshelf.”
“The Metasploit Framework has enrichments and features that can enhance your offensive security journey, and they’re all covered in this book. Many users are acquainted with the pre-built exploitation and initial access use cases covered in the first edition, but this update includes new vulnerabilities, their associated modules, and the new frontier of cloud penetration testing. A practitioner’s toolkit and environment may change, but the methodology remains the same.”
—Andy “ApexPredator” Poole, OSEE, GSE “[P]rovides invaluable insights for penetration testers seeking to enhance their skills and understanding using Metasploit. However, its benefits extend beyond penetration testers. In contrast, blue teamers can also leverage the same techniques and knowledge in this book to go behind enemy lines and identify gaps in their own security controls before they can be exploited by attackers using the same toolset.”
—Josh Tristram, @jdtristram, Healthcare Blue Teamer
“An easy read that is more than a metasploit book. It covers beginner and intermediate concepts anyone interested in the offensive side of security should understand.”
—Dave Curtin, security consultant, LRQA
