Metasploit Penetration Testing Cookbook Second Edition
Table of Contents
Metasploit Penetration Testing Cookbook Second Edition
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers and more
Why Subscribe?
Free Access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Metasploit Quick Tips for Security Professionals
Introduction
Configuring Metasploit on Windows
Getting ready
How to do it...
How it works...
There's more...
Database error during installation
Configuring Metasploit on Ubuntu
Getting ready
How to do it...
There's more...
Cloning the Metasploit framework
Error during installation
Installing Metasploit with BackTrack 5 R3
Getting ready
How to do it...
How it works...
There's more...
Upgrading from R2 to R3
32-bit tools
64-bit tools
Setting up penetration testing using VMware
Getting ready
How to do it...
How it works...
There's more...
Disabling the firewall and antivirus protection
Setting up Metasploit on a virtual machine with SSH connectivity
Getting ready
How to do it...
How it works...
Installing and configuring PostgreSQL in BackTrack 5 R3
Getting ready
How to do it...
How it works...
There's more...
Getting an error while connecting to the database
Deleting the database
Using the database to store the penetration testing results
Getting ready
How to do it...
Working with BBQSQL
How to do it...
How it works...
2. Information Gathering and Scanning
Introduction
Passive information gathering
Getting ready
How to do it...
How it works...
There's more...
Using third-party websites
Port scanning – the Nmap way
Getting ready
How to do it...
How it works...
There's more...
Operating system and version detection
Increasing anonymity
Port scanning – the DNmap way
Getting ready
How to do it...
Using keimpx – an SMB credentials scanner
Getting ready
How to do it...
How it works...
Detecting SSH versions with the SSH version scanner
Getting ready
How to do it...
How it works...
There's more...
FTP scanning
Getting ready
How to do it...
How it works...
SNMP sweeping
Getting ready
How to do it...
How it works...
Vulnerability scanning with Nessus
Getting ready
How to do it...
How it works...
There's more...
Working with Nessus in the web browser
Scanning with NeXpose
Getting ready
How to do it...
How it works...
There's more...
Importing the scan results
Working with OpenVAS – a vulnerability scanner
Getting ready
How to do it...
How it works...
3. Operating-System-based Vulnerability Assessment
Introduction
Penetration testing on a Windows XP SP2 machine
Getting ready
How to do it...
How it works...
There's more...
Binding a shell to the target for remote access
Getting ready
How to do it...
How it works...
There's more...
Gaining complete control of the target
Penetration testing on Windows 8
Getting ready
How to do it...
How it works...
There's more...
See also
Exploiting a Linux (Ubuntu) machine
Getting ready
How to do it...
How it works...
There's more...
Other relevant exploit modules for Linux
Understanding the Windows DLL injection flaws
Getting ready
How to do it...
How it works...
There's more...
The DLLHijackAudit kit by H. D. Moore
4. Client-side Exploitation and Antivirus Bypass
Introduction
Exploiting Internet Explorer execCommand Use-After-Free vulnerability
Getting ready
How to do it...
How it works...
Understanding Adobe Flash Player "new function" invalid pointer use
Getting ready
How to do it...
How it works...
Understanding Microsoft Word RTF stack buffer overflow
Getting ready
How to do it...
How it works...
There's more...
Microsoft Excel 2007 buffer overflow
Working with Adobe Reader U3D Memory Corruption
Getting ready
How to do it...
How it works...
Generating binary and shell code from msfpayload
Getting ready
How to do it...
How it works...
Msfencoding schemes with the detection ratio
Getting ready
How to do it...
How it works...
Using the killav.rb script to disable the antivirus programs
Getting ready
How to do it...
How it works...
Killing the antiviruses' services from the command line
Getting ready
How to do it...
How it works...
There's more...
Some services were not killed – what next?
Working with the syringe utility
Getting ready
How to do it...
How it works...
5. Working with Modules for Penetration Testing
Introduction
Working with scanner auxiliary modules
Getting ready
How to do it...
How it works...
There's more...
Generating passwords using Crunch
See also
Working with auxiliary admin modules
Getting ready
How to do it...
How it works...
SQL injection and DoS attack module
Getting ready
How to do it...
How it works...
Post-exploitation modules
Getting ready
How to do it...
How it works...
Understanding the basics of module building
Getting ready
How to do it...
Analyzing an existing module
Getting ready
How to do it...
How it works...
Building your own post-exploitation module
Getting ready
How to do it...
6. Exploring Exploits
Introduction
Exploiting the module structure
Getting ready
How to do it...
How it works...
Working with msfvenom
Getting ready
How to do it...
How it works...
Converting an exploit to a Metasploit module
Getting ready
How to do it...
How it works...
Porting and testing the new exploit module
Getting ready
How to do it...
Fuzzing with Metasploit
Getting ready
How to do it...
How it works...
Writing a simple FileZilla FTP fuzzer
How to do it...
How it works...
There's more...
Antiparser fuzzing framework
7. VoIP Penetration Testing
Introduction
VoIP topologies
SIP basics
SIP requests/methods
SIP response
Lab setup
Scanning and enumeration phase
Getting ready
How to do it...
SMAP
SVWAR
How it works...
There's more...
Yielding passwords
Getting ready
How to do it...
VLAN hopping
Getting ready
How to do it...
There's more...
VoIP MAC spoofing
Getting ready
How to do it...
Impersonation attack
Getting ready
How to do it...
How it works...
There's more...
DoS attack
Getting ready
How to do it...
How it works...
There's more...
8. Wireless Network Penetration Testing
Introduction
Setting up and running Fern WiFi Cracker
Getting ready
How to do it...
Sniffing interfaces with tcpdump
Getting ready
How to do it...
There's more...
Cracking WEP and WPA with Fern WiFi Cracker
Getting ready
How to do it...
Session hijacking via a MAC address
Getting ready
How to do it...
How it works...
Locating a target's geolocation
Getting ready
How to do it...
Getting ready
How to do it...
How it works...
There's more...
Understanding an evil twin attack
Getting ready
How to do it...
How it works...
Configuring Karmetasploit
Getting ready
How to do it...
9. Social-Engineer Toolkit
Introduction
Getting started with the Social-Engineer Toolkit (SET)
Getting ready
How to do it...
How it works...
There's more...
Working with the SET config file
Getting ready
How to do it...
How it works...
Working with the spear-phishing attack vector
Getting ready
How to do it...
How it works...
Website attack vectors
Getting ready
How to do it...
How it works...
Working with the multi-attack web method
How to do it...
How it works...
Infectious media generator
How to do it...
How it works...
10. Working with Meterpreter
Introduction
Understanding the Meterpreter system commands
Getting ready
How to do it...
How it works...
Understanding the Meterpreter filesystem commands
How to do it...
How it works...
Understanding the Meterpreter networking commands
Getting ready
How to do it...
How it works...
Privilege escalation and process migration
How to do it...
How it works...
Setting up multiple communication channels with the target
Getting ready
How to do it...
How it works...
Meterpreter anti-forensics – timestomp
Getting ready
How to do it...
How it works...
There's more...
The getdesktop and keystroke sniffing
Getting ready
How to do it...
There's more...
Using a scraper Meterpreter script
Getting ready
How to do it...
How it works...
There's more...
Using winenum.rb
Passing the hash
Getting ready
How to do it...
How it works...
There's more...
Online password decryption
Setting up a persistent connection with backdoors
Getting ready
How to do it...
How it works...
Pivoting with Meterpreter
Getting ready
How to do it...
How it works...
Port forwarding with Meterpreter
Getting ready
How to do it...
How it works...
Meterpreter API and mixins
Getting ready
How to do it...
How it works...
There's more...
Railgun – converting Ruby into a weapon
Getting ready
How to do it...
How it works...
There's more...
Railgun definitions and documentation
Adding DLL and function definition to Railgun
How to do it...
How it works...
Building a "Windows Firewall De-activator" Meterpreter script
Getting ready
How to do it...
How it works...
There's more...
Re-using the code
Analyzing an existing Meterpreter script
How to do it...
How it works...
Injecting the VNC server remotely
Getting ready
How to do it...
How it works...
Exploiting a vulnerable PHP application
Getting ready
How to do it...
Incognito attack with Meterpreter
Getting ready
How to do it...
See also
A. Pentesting in the Cloud
Introduction
Infrastructure as a service
Platform as a service
Software as a service
Pentesting in the cloud
Pentesting in the cloud with hackaserver.com
Getting ready
How to do it...
There's more...
Index