- Paperback: 328 pages
- Publisher: No Starch Press; 1 edition (25 July 2011)
- Language: English
- ISBN-10: 159327288X
- ISBN-13: 978-1593272883
- Product Dimensions: 17.8 x 2.9 x 23.5 cm
- Average Customer Review: 4.6 out of 5 stars See all reviews (24 customer reviews)
- Amazon Bestsellers Rank: 88,877 in Books (See Top 100 in Books)
- See Complete Table of Contents
Metasploit: The Penetration Tester's Guide Paperback – 25 Jul 2011
|New from||Used from|
- Choose from over 13,000 locations across the UK
- Prime members get unlimited deliveries at no additional cost
- Find your preferred location and add it to your address book
- Dispatch to this address when you check out
Frequently bought together
Customers who bought this item also bought
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
If you are a seller for this product, would you like to suggest updates through seller support?
About the Author
David Kennedy is Chief Information Security Officer at Diebold Incorporated and creator of the Social-Engineer Toolkit (SET), Fast-Track, and other open source tools. He is on the Back|Track and Exploit-Database development team and is a core member of the Social-Engineer podcast and framework. Kennedy has presented at a number of security conferences including Black Hat, DEF CON, ShmooCon, Security B-Sides, and more.
Jim O'Gorman is a professional penetration tester with CSC's StrikeForce, a co-founder of Social-Engineer.org, and an instructor at Offensive-Security. He is involved in digital investigations and malware analysis, and helped build forensic capabilities into Back|Track Linux. When not working on various security issues, Jim spends his time assisting his children in their attempts to fight Zombie hordes.
Devon Kearns is an instructor at Offensive-Security, a Back|Track Linux developer, and administrator of The Exploit Database. He has contributed a number of Metasploit exploit modules and is the maintainer of the Metasploit Unleashed wiki.
Mati Aharoni is the creator of the Back|Track Linux distribution and founder of Offensive-Security, the industry leader in security training.
What other items do customers buy after viewing this item?
Top Customer Reviews
This book gave me the ability to confident in my approach to pen testing.
So considering the experience of the authors I had high expectations and I have to say that they were surpassed.
The book starts off with a nice introduction to Penetration Testing where it explains the different phases of the process and the types of pentests. Then goes on to introduce the actual metasploit framework, covering the basic terminology, the available interfaces and the most important companion tools (msfpayload, msfencode, and so on). However, the fun begins after the introduction, where the authors show how to use metasploit to conduct a penetration test. They divide the process into three phases: intelligence gathering, vulnerability scanning and exploitation. They guide the reader through several step-by-step examples, each one demonstrating different techniques and components. The chapter on the meterpreter is specially detailed and interesting.
Apart from the basic find-a-vuln-and-exploit-it, the book also covers advanced topics such as detection avoidance, client-side attacks or social engineering. It even shows how to hack the framework and build your own modules and exploits.
Summing up...Read more ›
My only criticism is that this book covers broadly what is available in the online help. However, the authors do cover the framework in an excellent manner in an obvious order allowing even the most novice of security professionals to use the tool well.
Bottom line: this book is excellent light reading if you wish to use the Metasploit framework in a professional manner.
As for the product, Metasploit is an awesome penetration testing tool by Rapid7, and together with its plugins, auxiliary modules and complementary products, it will be the only thing you need in your hacking adventures. Never again do you have to manually search for exploits or deploy them yourself, so that you can finally concentrate on the job at hand by freeing your hands, instead of wasting time on boring repetitive tasks.
I bought the Kindle version, in too many cases with technical books the conversion from print to Kindle seems to have been an afterthought, but in this case it's very well done. Recommended.
Don`t let the price put you off, you will see in the first 5 minutes of reading that you have invested wisely.
In terms of technical coverage the book is excellent. It starts off with a primer on penetration testing before introducing the Metaspoit framework. The write up of the Metasploit framework itself follows a nicely graded learning curve, describing the framework and data import procedures, tool use and external modules in a logical and progressive way. I picked this book up largely from a security interest point of view and found it for the most part relatively easy to understand. Elements of chapters on module building and exploit porting went a little over my head but I'm not really the target audience for them anyway.Read more ›
Most Recent Customer Reviews
Who better to explain the masterpiece if the master itself.
A(nother) great work from David and the Metasploit team
Still working my way through, but the book seems good and covers all the areas needed for starting out in penertraion testing.Published 11 months ago by Shamalam
Great walkthrough on some of the most basics of metasploit, if you're a beginner or want to know what pentesting is - this is a book worth the money.Published 16 months ago by Danny Asmussen
The title speaks of itself. Great book definitely worth of reading.Published 17 months ago by Daniel Mikolajczyk
Old and outdated and not written with clarity. Authors seem to jump from topic to topic.Published 23 months ago by M S K
Great book for those studying Penetration Testing and Network Engineers. Also a good and useful reference book.Published on 21 Jan. 2015 by M. L. Pillai