舉報 
會員
Metasploit Bootcamp
Ifyouareapenetrationtester,ethicalhacker,orsecurityconsultantwhoquicklywantstomastertheMetasploitframeworkandcarryoutadvancedpenetrationtestinginhighlysecuredenvironmentsthen,thisbookisforyou.
最新章節
- Further roadmap and summary
- Creating a decoder executable
- Encrypting the shellcode
- Using shellcode for fun and profit
- Scenario 2: You can't see my meterpreter
- Summary of the attack
品牌:中圖公司
上架時間:2021-07-09 18:34:04
出版社:Packt Publishing
本書數字版權由中圖公司提供,并由其授權上海閱文信息技術有限公司制作發行
- Further roadmap and summary 更新時間:2021-07-09 21:00:32
- Creating a decoder executable
- Encrypting the shellcode
- Using shellcode for fun and profit
- Scenario 2: You can't see my meterpreter
- Summary of the attack
- Sniffing a network with Metasploit
- Dumping passwords in clear text
- Using the socks server module in Metasploit
- Scanning internal networks through a meterpreter pivot
- Pivoting to internal networks
- Migrating from a PHP meterpreter to a Windows meterpreter
- Gaining access to vulnerable web applications
- Fingerprinting the target with DB_NMAP
- Understanding the environment
- Scenario 1: Mirror environment
- Exploiting Real-World Challenges with Metasploit
- Summary and preparation for real-world scenarios
- Additional sections
- Methodology/network admin-level report
- The executive summary
- The format of the report
- Wrapping up and generating manual reports
- Global variables in Metasploit
- Using the multiscript module in the AutoRunScript option
- Using AutoRunScript in Metasploit
- Making use of resource scripts
- Using pushm and popm commands
- Fast-Paced Exploitation with Metasploit
- Summary and exercises
- Exploiting the application
- About the vulnerability
- Exploiting VoIP
- Spoofing a VoIP call
- Scanning VoIP services
- Fingerprinting VoIP services
- VoIP fundamentals
- Testing Voice over Internet Protocol services
- Restricting networks
- Implementing secure SCADA
- SCADA-based exploits
- The fundamentals of testing SCADA
- Analyzing security in SCADA systems
- The fundamentals of SCADA
- Gaining system access through MySQL
- Running MySQL commands through Metasploit
- Enumerating MySQL with Metasploit
- Checking for writable directories
- Using file enumeration in MySQL using Metasploit
- Dumping the MySQL schema with Metasploit
- Finding MySQL users with Metasploit
- Brute-forcing MySQL with Metasploit
- Using Metasploit's mysql_version module
- Testing MySQL with Metasploit
- Testing Services with Metasploit
- Summary
- Gaining persistent access on Linux systems
- Gaining persistent access on Windows-based systems
- Gaining persistent access with Metasploit
- Privilege escalation on Linux with Metasploit
- Escalating privileges on Windows Server 2008
- Metasploit and privilege escalation
- Obtaining password hashes using hashdump
- Changing access modification and creation time with timestomp
- Obtaining system privileges
- Migrating to safer processes
- Advanced post-exploitation with Metasploit
- Screenshots and camera enumeration
- Desktop commands
- File operation commands
- Networking commands
- Machine ID and the UUID command
- Background command
- The help menu
- Basic post-exploitation commands
- Extended post-exploitation with Metasploit
- Post-Exploitation with Metasploit
- Summary and exercises
- Exploiting the target application with Metasploit
- Generating a Metasploit module
- Gathering the essentials
- Converting exploits to Metasploit
- Attacking Android with Metasploit
- Attacking browsers with Metasploit browser_autopwn
- The technology behind a browser autopwn attack
- The browser autopwn attack
- Exploiting browsers for fun and profit
- Exploiting FTP services with Metasploit
- Testing the security of a GlassFish web server with Metasploit
- Exploiting Desktop Central 9 with Metasploit
- Using db_nmap in Metasploit
- Exploiting applications with Metasploit
- Setting up the practice environment
- Exploitation and Gaining Access
- Summary and exercises
- Libraries and the function
- Disassembling existing HTTP server scanner modules
- The format of a Metasploit module
- Module building essentials
- Scanning HTTPS/SSL with Metasploit
- Scanning HTTP services with Metasploit
- Scanning NetBIOS services with Metasploit
- Scanning SNMP services with Metasploit
- Brute-forcing MSSQL passwords
- Using the mssql_ping module
- Scanning MSSQL servers with Metasploit
- Modifying scanner modules for fun and profit
- Scanning FTP services
- Working with FTP servers using Metasploit
- Identifying and Scanning Targets
- Summary and exercises
- Phase-III: maintaining access / post-exploitation / covering tracks
- Phase-II: gaining access to the target
- Phase-I: footprinting and scanning
- Assumptions and testing setup
- Penetration testing with Metasploit
- Benefits of using Metasploit
- Metasploit Framework console and commands
- Architecture of Metasploit
- Basics of Metasploit Framework
- The fundamentals of Metasploit
- Setting up Kali Linux in a virtual environment
- Getting Started with Metasploit
- Questions
- Piracy
- Errata
- Downloading the color images of this book
- Customer support
- Reader feedback
- Conventions
- Who this book is for
- What you need for this book
- What this book covers
- Preface
- Dedication
- Customer Feedback
- www.PacktPub.com
- About the Reviewer
- About the Author
- Credits
- Title Page
- coverpage
- coverpage
- Title Page
- Credits
- About the Author
- About the Reviewer
- www.PacktPub.com
- Customer Feedback
- Dedication
- Preface
- What this book covers
- What you need for this book
- Who this book is for
- Conventions
- Reader feedback
- Customer support
- Downloading the color images of this book
- Errata
- Piracy
- Questions
- Getting Started with Metasploit
- Setting up Kali Linux in a virtual environment
- The fundamentals of Metasploit
- Basics of Metasploit Framework
- Architecture of Metasploit
- Metasploit Framework console and commands
- Benefits of using Metasploit
- Penetration testing with Metasploit
- Assumptions and testing setup
- Phase-I: footprinting and scanning
- Phase-II: gaining access to the target
- Phase-III: maintaining access / post-exploitation / covering tracks
- Summary and exercises
- Identifying and Scanning Targets
- Working with FTP servers using Metasploit
- Scanning FTP services
- Modifying scanner modules for fun and profit
- Scanning MSSQL servers with Metasploit
- Using the mssql_ping module
- Brute-forcing MSSQL passwords
- Scanning SNMP services with Metasploit
- Scanning NetBIOS services with Metasploit
- Scanning HTTP services with Metasploit
- Scanning HTTPS/SSL with Metasploit
- Module building essentials
- The format of a Metasploit module
- Disassembling existing HTTP server scanner modules
- Libraries and the function
- Summary and exercises
- Exploitation and Gaining Access
- Setting up the practice environment
- Exploiting applications with Metasploit
- Using db_nmap in Metasploit
- Exploiting Desktop Central 9 with Metasploit
- Testing the security of a GlassFish web server with Metasploit
- Exploiting FTP services with Metasploit
- Exploiting browsers for fun and profit
- The browser autopwn attack
- The technology behind a browser autopwn attack
- Attacking browsers with Metasploit browser_autopwn
- Attacking Android with Metasploit
- Converting exploits to Metasploit
- Gathering the essentials
- Generating a Metasploit module
- Exploiting the target application with Metasploit
- Summary and exercises
- Post-Exploitation with Metasploit
- Extended post-exploitation with Metasploit
- Basic post-exploitation commands
- The help menu
- Background command
- Machine ID and the UUID command
- Networking commands
- File operation commands
- Desktop commands
- Screenshots and camera enumeration
- Advanced post-exploitation with Metasploit
- Migrating to safer processes
- Obtaining system privileges
- Changing access modification and creation time with timestomp
- Obtaining password hashes using hashdump
- Metasploit and privilege escalation
- Escalating privileges on Windows Server 2008
- Privilege escalation on Linux with Metasploit
- Gaining persistent access with Metasploit
- Gaining persistent access on Windows-based systems
- Gaining persistent access on Linux systems
- Summary
- Testing Services with Metasploit
- Testing MySQL with Metasploit
- Using Metasploit's mysql_version module
- Brute-forcing MySQL with Metasploit
- Finding MySQL users with Metasploit
- Dumping the MySQL schema with Metasploit
- Using file enumeration in MySQL using Metasploit
- Checking for writable directories
- Enumerating MySQL with Metasploit
- Running MySQL commands through Metasploit
- Gaining system access through MySQL
- The fundamentals of SCADA
- Analyzing security in SCADA systems
- The fundamentals of testing SCADA
- SCADA-based exploits
- Implementing secure SCADA
- Restricting networks
- Testing Voice over Internet Protocol services
- VoIP fundamentals
- Fingerprinting VoIP services
- Scanning VoIP services
- Spoofing a VoIP call
- Exploiting VoIP
- About the vulnerability
- Exploiting the application
- Summary and exercises
- Fast-Paced Exploitation with Metasploit
- Using pushm and popm commands
- Making use of resource scripts
- Using AutoRunScript in Metasploit
- Using the multiscript module in the AutoRunScript option
- Global variables in Metasploit
- Wrapping up and generating manual reports
- The format of the report
- The executive summary
- Methodology/network admin-level report
- Additional sections
- Summary and preparation for real-world scenarios
- Exploiting Real-World Challenges with Metasploit
- Scenario 1: Mirror environment
- Understanding the environment
- Fingerprinting the target with DB_NMAP
- Gaining access to vulnerable web applications
- Migrating from a PHP meterpreter to a Windows meterpreter
- Pivoting to internal networks
- Scanning internal networks through a meterpreter pivot
- Using the socks server module in Metasploit
- Dumping passwords in clear text
- Sniffing a network with Metasploit
- Summary of the attack
- Scenario 2: You can't see my meterpreter
- Using shellcode for fun and profit
- Encrypting the shellcode
- Creating a decoder executable
- Further roadmap and summary 更新時間:2021-07-09 21:00:32
