martes, 31 de julio de 2012

Metasploit Penetration Testing Cookbook


Chapter 1: Metasploit Quick Tips for Security Professionals

- Introduction
- Configuring Metasploit on Windows
- Configuring Metasploit on Ubuntu
- Metasploit with BackTrack 5 – the ultimate combination
- Setting up the penetration testing lab on a single machine
- Setting up Metasploit on a virtual machine with SSH connectivity
- Beginning with the interfaces – the "Hello World" of Metasploit
- Setting up the database in Metasploit
- Using the database to store penetration testing results
- Analyzing the stored results of the database

Chapter 2: Information Gathering and Scanning
- Introduction
- Passive information gathering 1.0 – the traditional way
- Passive information gathering 2.0 – the next level
- Port scanning – the Nmap way
- Exploring auxiliary modules for scanning
- Target service scanning with auxiliary modules
- Vulnerability scanning with Nessus
- Scanning with NeXpose
- Sharing information with the Dradis framework

Chapter 3: Operating System-based Vulnerability Assessment and Exploitation

- Introduction
- Exploit usage quick tips
- Penetration testing on a Windows XP SP2 machine
- Binding a shell to the target for remote access
- Penetration testing on the Windows 2003 Server
- Windows 7/Server 2008 R2 SMB client infinite loop
- Exploiting a Linux (Ubuntu) machine
- Understanding the Windows DLL injection flaws

Chapter 4: Client-side Exploitation and Antivirus Bypass

- Introduction
- Internet Explorer unsafe scripting misconfiguration vulnerability
- Internet Explorer CSS recursive call memory corruption
- Microsoft Word RTF stack buffer overflow
- Adobe Reader util.printf() buffer overflow
- Generating binary and shellcode from msfpayload
- Bypassing client-side antivirus protection using msfencode
- Using the killav.rb script to disable antivirus programs
- A deeper look into the killav.rb script
- Killing antivirus services from the command line

Chapter 5: Using Meterpreter to Explore the Compromised Target
- Introduction
- Analyzing meterpreter system commands
- Privilege escalation and process migration
- Setting up multiple communication channels with the target
- Meterpreter filesystem commands
- Changing file attributes using timestomp
- Using meterpreter networking commands
- The getdesktop and keystroke sniffing
- Using a scraper meterpreter script

Chapter 6: Advanced Meterpreter Scripting 

- Introduction
- Passing the hash
- Setting up a persistent connection with backdoors
- Pivoting with meterpreter
- Port forwarding with meterpreter
- Meterpreter API and mixins
- Railgun – converting Ruby into a weapon
- Adding DLL and function definition to Railgun
- Building a "Windows Firewall De-activator" meterpreter script
- Analyzing an existing meterpreter script

Chapter 7: Working with Modules for Penetration Testing

- Introduction
- Working with scanner auxiliary modules
- Working with auxiliary admin modules
- SQL injection and DOS attack modules
- Post-exploitation modules
- Understanding the basics of module building
- Analyzing an existing module
- Building your own post-exploitation module

Chapter 8: Working with Exploits

- Introduction
- Exploiting the module structure
- Common exploit mixins
- Working with msfvenom
- Converting exploit to a Metasploit module
- Porting and testing the new exploit module
- Fuzzing with Metasploit
- Writing a simple FileZilla FTP fuzzer

Chapter 9: Working with Armitage 

- Introduction
- Getting started with Armitage
- Scanning and information gathering
- Finding vulnerabilities and attacking targets
- Handling multiple targets using the tab switch
- Post-exploitation with Armitage
- Client-side exploitation with Armitage

Chapter 10: Social Engineer Toolkit 

Getting started with Social Engineer Toolkit (SET)
Working with the SET config file
Spear-phishing attack vector
Website attack vectors
Multi-attack web method
Infectious media generator

Formato: PDF
Peso: 3.64 MB
Paginas: 269
Idioma: Ingles
Estilo: Imágenes & Letras


1 comentario:

  1. Nice Post..!! Penetration Tests by High-Tech Bridge: when global expertise meets Swiss quality.

    Penetration Testing