[LIBRO] Metasploit Penetration Testing Cookbook. INGLES

  • 0 Respuestas
  • 2661 Vistas

0 Usuarios y 1 Visitante están viendo este tema.

Desconectado morodog

  • *
  • Ex-Staff
  • *****
  • Mensajes: 350
  • Actividad:
  • Reputación 1
  • Skype: MorodoG
  • Twitter: m4r4d4g
    • Ver Perfil

Chapter 1: Metasploit Quick Tips for Security Professionals

- Introduction
- Configuring Metasploit on Windows
- Configuring Metasploit on Ubuntu
- Metasploit with BackTrack 5 – the ultimate combination
- Setting up the penetration testing lab on a single machine
- Setting up Metasploit on a virtual machine with SSH connectivity
- Beginning with the interfaces – the "Hello World" of Metasploit
- Setting up the database in Metasploit
- Using the database to store penetration testing results
- Analyzing the stored results of the database

Chapter 2: Information Gathering and Scanning

- Introduction
- Passive information gathering 1.0 – the traditional way
- Passive information gathering 2.0 – the next level
- Port scanning – the Nmap way
- Exploring auxiliary modules for scanning
- Target service scanning with auxiliary modules
- Vulnerability scanning with Nessus
- Scanning with NeXpose
- Sharing information with the Dradis framework

Chapter 3: Operating System-based Vulnerability Assessment and Exploitation

- Introduction
- Exploit usage quick tips
- Penetration testing on a Windows XP SP2 machine
- Binding a shell to the target for remote access
- Penetration testing on the Windows 2003 Server
- Windows 7/Server 2008 R2 SMB client infinite loop
- Exploiting a Linux (Ubuntu) machine
- Understanding the Windows DLL injection flaws

Chapter 4: Client-side Exploitation and Antivirus Bypass

- Introduction
- Internet Explorer unsafe scripting misconfiguration vulnerability
- Internet Explorer CSS recursive call memory corruption
- Microsoft Word RTF stack buffer overflow
- Adobe Reader util.printf() buffer overflow
- Generating binary and shellcode from msfpayload
- Bypassing client-side antivirus protection using msfencode
- Using the killav.rb script to disable antivirus programs
- A deeper look into the killav.rb script
- Killing antivirus services from the command line

Chapter 5: Using Meterpreter to Explore the Compromised Target

- Introduction
- Analyzing meterpreter system commands
- Privilege escalation and process migration
- Setting up multiple communication channels with the target
- Meterpreter filesystem commands
- Changing file attributes using timestomp
- Using meterpreter networking commands
- The getdesktop and keystroke sniffing
- Using a scraper meterpreter script

Chapter 6: Advanced Meterpreter Scripting

- Introduction
- Passing the hash
- Setting up a persistent connection with backdoors
- Pivoting with meterpreter
- Port forwarding with meterpreter
- Meterpreter API and mixins
- Railgun – converting Ruby into a weapon
- Adding DLL and function definition to Railgun
- Building a "Windows Firewall De-activator" meterpreter script
- Analyzing an existing meterpreter script

Chapter 7: Working with Modules for Penetration Testing

- Introduction
- Working with scanner auxiliary modules
- Working with auxiliary admin modules
- SQL injection and DOS attack modules
- Post-exploitation modules
- Understanding the basics of module building
- Analyzing an existing module
- Building your own post-exploitation module

Chapter 8: Working with Exploits

- Introduction
- Exploiting the module structure
- Common exploit mixins
- Working with msfvenom
- Converting exploit to a Metasploit module
- Porting and testing the new exploit module
- Fuzzing with Metasploit
- Writing a simple FileZilla FTP fuzzer

Chapter 9: Working with Armitage

- Introduction
- Getting started with Armitage
- Scanning and information gathering
- Finding vulnerabilities and attacking targets
- Handling multiple targets using the tab switch
- Post-exploitation with Armitage
- Client-side exploitation with Armitage

Chapter 10: Social Engineer Toolkit

Getting started with Social Engineer Toolkit (SET)
Working with the SET config file
Spear-phishing attack vector
Website attack vectors
Multi-attack web method
Infectious media generator.

DESCARGA: http://www.4shared.com/office/X2ijq6AS/Metasploit_Penetration_Testing
« Última modificación: Julio 19, 2013, 06:44:17 am por morodog »


Libro "HACKERS 6" Español

Iniciado por Aryenal.Bt

Respuestas: 13
Vistas: 16785
Último mensaje Marzo 26, 2018, 08:12:45 am
por vieitez
Libro completo de la certificacion "CEH V10 EC-COUNCIL"

Iniciado por Rootkit_Pentester

Respuestas: 2
Vistas: 11570
Último mensaje Abril 26, 2019, 03:16:35 pm
por zorlak_23
Libro: "Fundamentos en la inseguridad de la informacion"

Iniciado por Rootkit_Pentester

Respuestas: 0
Vistas: 2708
Último mensaje Mayo 21, 2018, 11:42:53 pm
por Rootkit_Pentester
[LIBRO] Uso de Setoolkit para la ingeniería social y Ettercap para sniffing

Iniciado por Lautaro Villarreal Culic'

Respuestas: 1
Vistas: 4964
Último mensaje Agosto 21, 2018, 02:03:53 pm
por MandrakeCrimson
Libro Certificacion de Seguridad Ofensiva nivel 1 "La biblia del hacking"

Iniciado por AlexTT

Respuestas: 2
Vistas: 10011
Último mensaje Junio 12, 2018, 06:29:56 pm
por zenna