comment
IRC Chat
play_arrow
Este sitio utiliza cookies propias y de terceros. Si continúa navegando consideramos que acepta el uso de cookies. OK Más Información.

[LIBRO] Metasploit Penetration Testing Cookbook. INGLES

  • 0 Respuestas
  • 1688 Vistas

0 Usuarios y 1 Visitante están viendo este tema.

Desconectado morodog

  • *
  • Underc0der
  • Mensajes: 350
  • Actividad:
    0%
  • Reputación 0
    • Ver Perfil
  • Skype: MorodoG
  • Twitter: m4r4d4g
« en: Julio 19, 2013, 06:41:09 am »


Chapter 1: Metasploit Quick Tips for Security Professionals

- Introduction
- Configuring Metasploit on Windows
- Configuring Metasploit on Ubuntu
- Metasploit with BackTrack 5 – the ultimate combination
- Setting up the penetration testing lab on a single machine
- Setting up Metasploit on a virtual machine with SSH connectivity
- Beginning with the interfaces – the "Hello World" of Metasploit
- Setting up the database in Metasploit
- Using the database to store penetration testing results
- Analyzing the stored results of the database

Chapter 2: Information Gathering and Scanning

- Introduction
- Passive information gathering 1.0 – the traditional way
- Passive information gathering 2.0 – the next level
- Port scanning – the Nmap way
- Exploring auxiliary modules for scanning
- Target service scanning with auxiliary modules
- Vulnerability scanning with Nessus
- Scanning with NeXpose
- Sharing information with the Dradis framework

Chapter 3: Operating System-based Vulnerability Assessment and Exploitation

- Introduction
- Exploit usage quick tips
- Penetration testing on a Windows XP SP2 machine
- Binding a shell to the target for remote access
- Penetration testing on the Windows 2003 Server
- Windows 7/Server 2008 R2 SMB client infinite loop
- Exploiting a Linux (Ubuntu) machine
- Understanding the Windows DLL injection flaws

Chapter 4: Client-side Exploitation and Antivirus Bypass

- Introduction
- Internet Explorer unsafe scripting misconfiguration vulnerability
- Internet Explorer CSS recursive call memory corruption
- Microsoft Word RTF stack buffer overflow
- Adobe Reader util.printf() buffer overflow
- Generating binary and shellcode from msfpayload
- Bypassing client-side antivirus protection using msfencode
- Using the killav.rb script to disable antivirus programs
- A deeper look into the killav.rb script
- Killing antivirus services from the command line

Chapter 5: Using Meterpreter to Explore the Compromised Target

- Introduction
- Analyzing meterpreter system commands
- Privilege escalation and process migration
- Setting up multiple communication channels with the target
- Meterpreter filesystem commands
- Changing file attributes using timestomp
- Using meterpreter networking commands
- The getdesktop and keystroke sniffing
- Using a scraper meterpreter script

Chapter 6: Advanced Meterpreter Scripting

- Introduction
- Passing the hash
- Setting up a persistent connection with backdoors
- Pivoting with meterpreter
- Port forwarding with meterpreter
- Meterpreter API and mixins
- Railgun – converting Ruby into a weapon
- Adding DLL and function definition to Railgun
- Building a "Windows Firewall De-activator" meterpreter script
- Analyzing an existing meterpreter script

Chapter 7: Working with Modules for Penetration Testing

- Introduction
- Working with scanner auxiliary modules
- Working with auxiliary admin modules
- SQL injection and DOS attack modules
- Post-exploitation modules
- Understanding the basics of module building
- Analyzing an existing module
- Building your own post-exploitation module

Chapter 8: Working with Exploits

- Introduction
- Exploiting the module structure
- Common exploit mixins
- Working with msfvenom
- Converting exploit to a Metasploit module
- Porting and testing the new exploit module
- Fuzzing with Metasploit
- Writing a simple FileZilla FTP fuzzer

Chapter 9: Working with Armitage

- Introduction
- Getting started with Armitage
- Scanning and information gathering
- Finding vulnerabilities and attacking targets
- Handling multiple targets using the tab switch
- Post-exploitation with Armitage
- Client-side exploitation with Armitage

Chapter 10: Social Engineer Toolkit

Introduction
Getting started with Social Engineer Toolkit (SET)
Working with the SET config file
Spear-phishing attack vector
Website attack vectors
Multi-attack web method
Infectious media generator.


DESCARGA: No tienes permisos para ver links. Registrate o Entra con tu cuenta
« Última modificación: Julio 19, 2013, 06:44:17 am por morodog »

 

¿Te gustó el post? COMPARTILO!



Libro "HACKERS 6" Español

Iniciado por Aryenal.Bt

Respuestas: 13
Vistas: 10367
Último mensaje Marzo 26, 2018, 08:12:45 am
por vieitez
Libro completo de la certificacion "CEH V10 EC-COUNCIL"

Iniciado por Rootkit_Pentester

Respuestas: 0
Vistas: 616
Último mensaje Septiembre 04, 2018, 03:36:30 pm
por Rootkit_Pentester
Libro: "Fundamentos en la inseguridad de la informacion"

Iniciado por Rootkit_Pentester

Respuestas: 0
Vistas: 616
Último mensaje Mayo 21, 2018, 11:42:53 pm
por Rootkit_Pentester
[LIBRO] Uso de Setoolkit para la ingeniería social y Ettercap para sniffing

Iniciado por Lautaro Culic'

Respuestas: 1
Vistas: 888
Último mensaje Agosto 21, 2018, 02:03:53 pm
por MandrakeCrimson
Libro Certificacion de Seguridad Ofensiva nivel 1 "La biblia del hacking"

Iniciado por AlexTT

Respuestas: 2
Vistas: 4242
Último mensaje Junio 12, 2018, 06:29:56 pm
por zenna