What this book covers
Chapter 1, Approaching a Penetration Test Using Metasploit, takes us through the absolute basics of conducting a penetration test with Metasploit. It helps establish an approach and set up the environment for testing. Moreover, it takes us systematically through the various stages of a penetration test. It further discusses the advantages of using Metasploit over traditional and manual testing.
Chapter 2, Reinventing Metasploit, covers the Ruby programming essentials required for module building. This chapter further covers how to dig into existing Metasploit modules and write our own custom scanner, post-exploitation, and Meterpreter modules; finally, it sums up by shedding light on developing custom modules with RailGun.
Chapter 3, The Exploit Formulation Process, discusses how to build exploits by covering the basic essentials of assembly programming. This chapter also introduces fuzzing and sheds light on debuggers too. It then focuses on gathering essentials for exploitation by analyzing the application's behavior under a debugger. It finally shows the exploit-writing process in Metasploit based on the information collected.
Chapter 4, Porting Exploits, helps convert publicly available exploits into Metasploit modules. This chapter focuses on gathering the essentials from existing exploits written in Perl, Python, and PHP, and translating those essentials into Metasploit-compatible code using the Metasploit libraries.
Chapter 5, Offstage Access to Testing Services, carries our discussion on to performing a penetration test against various services. This chapter covers some important Metasploit modules that help in exploiting SCADA services. Further, it discusses testing a database and running a privileged command on it. Next, it sheds light on VoIP exploitation and on carrying out attacks such as spoofing VoIP calls. In the end, the chapter discusses post-exploitation on Apple iDevices.
Chapter 6, Virtual Test Grounds and Staging, provides a brief discussion on carrying out a white-box as well as a black-box test. This chapter focuses on additional tools that can work alongside Metasploit to conduct a complete penetration test. The chapter advances by discussing popular tools such as Nmap, Nessus, and OpenVAS, importing their results into Metasploit, and running these tools from Metasploit itself. It finally discusses how to generate manual and automated reports.
Chapter 7, Sophisticated Client-side Attacks, shifts our focus to client-side exploits. This chapter focuses on refining traditional client-side exploits into a more sophisticated and reliable approach. The chapter starts with browser-based and file-format-based exploits. Further, it discusses compromising web servers and the users of a website. Next, it sheds light on bypassing antivirus and other protection mechanisms. Then, it discusses turning browser exploits into a far more effective weapon using Metasploit together with vectors such as DNS poisoning.
Chapter 8, The Social Engineering Toolkit, helps automate client-side exploitation using Metasploit as a backend. This chapter sheds light on various website attack vectors and helps carry out advanced phishing attacks. It then focuses on attack vectors such as tabnabbing, Java applets, and many others. Further, it sheds light on third-party modules within the Social Engineering Toolkit. Next, it discusses the GUI part of the Social Engineering Toolkit and how to automate various attacks with it.
Chapter 9, Speeding Up Penetration Testing, focuses on developing quick approaches to penetration testing. This chapter starts by discussing Fast Track and testing a database with it. Further, it discusses features that have been removed from Metasploit and how to re-enable them. Finally, it discusses another useful tool, WebSploit, and covers carrying out tricky client-side exploitation with it.
Chapter 10, Visualizing with Armitage, is dedicated to the most popular GUI associated with Metasploit, namely Armitage. This chapter builds on scanning a target with Armitage and then exploiting it. Further, it discusses Cortana, which is used to script automated attacks in Armitage and aids penetration testing by developing virtual bots. Next, this chapter discusses adding custom functionality and building custom interfaces and menus in Armitage.