• RRP: £39.99
  • You Save: £13.74 (34%)

FREE Delivery in the UK.
Only 14 left in stock (more on the way).
Dispatched from and sold by Amazon. Gift-wrap available.
Metasploit: The Penetrati... has been added to your Basket

Dispatch to:
To see addresses, please
Or
Please enter a valid UK postcode.
Or
+ £2.80 UK delivery
Used: Good | Details
Condition: Used: Good
Comment: Ships from USA. Please allow 2 to 3 weeks for delivery. Light shelf wear and minimal interior marks. A tradition of quality and service.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 3 images

Metasploit: The Penetration Tester's Guide Paperback – 25 Jul 2011

4.6 out of 5 stars 24 customer reviews

See all 3 formats and editions Hide other formats and editions
Amazon Price
New from Used from
Kindle Edition
"Please retry"
Paperback
"Please retry"
£26.25
£20.97 £21.13
Note: This item is eligible for click and collect. Details
Pick up your parcel at a time and place that suits you.
  • Choose from over 13,000 locations across the UK
  • Prime members get unlimited deliveries at no additional cost
How to order to an Amazon Pickup Location?
  1. Find your preferred location and add it to your address book
  2. Dispatch to this address when you check out
Learn more
£26.25 FREE Delivery in the UK. Only 14 left in stock (more on the way). Dispatched from and sold by Amazon. Gift-wrap available.
click to open popover

Frequently bought together

  • Metasploit: The Penetration Tester's Guide
  • +
  • Rtfm: Red Team Field Manual
  • +
  • The Hacker Playbook 2: Practical Guide To Penetration Testing
Total price: £46.16
Buy the selected items together

Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.

  • Apple
  • Android
  • Windows Phone

To get the free app, enter your mobile phone number.



Product details

  • Paperback: 328 pages
  • Publisher: No Starch Press; 1 edition (25 July 2011)
  • Language: English
  • ISBN-10: 159327288X
  • ISBN-13: 978-1593272883
  • Product Dimensions: 17.8 x 2.9 x 23.5 cm
  • Average Customer Review: 4.6 out of 5 stars  See all reviews (24 customer reviews)
  • Amazon Bestsellers Rank: 88,877 in Books (See Top 100 in Books)
  • If you are a seller for this product, would you like to suggest updates through seller support?

  • See Complete Table of Contents

Product description

About the Author

David Kennedy is Chief Information Security Officer at Diebold Incorporated and creator of the Social-Engineer Toolkit (SET), Fast-Track, and other open source tools. He is on the Back|Track and Exploit-Database development team and is a core member of the Social-Engineer podcast and framework. Kennedy has presented at a number of security conferences including Black Hat, DEF CON, ShmooCon, Security B-Sides, and more.

Jim O'Gorman is a professional penetration tester with CSC's StrikeForce, a co-founder of Social-Engineer.org, and an instructor at Offensive-Security. He is involved in digital investigations and malware analysis, and helped build forensic capabilities into Back|Track Linux. When not working on various security issues, Jim spends his time assisting his children in their attempts to fight Zombie hordes.

Devon Kearns is an instructor at Offensive-Security, a Back|Track Linux developer, and administrator of The Exploit Database. He has contributed a number of Metasploit exploit modules and is the maintainer of the Metasploit Unleashed wiki.

Mati Aharoni is the creator of the Back|Track Linux distribution and founder of Offensive-Security, the industry leader in security training.


Customer Reviews

4.6 out of 5 stars
Share your thoughts with other customers

Top Customer Reviews

Format: Kindle Edition Verified Purchase
Excellent and informative, Well written and readable.
This book gave me the ability to confident in my approach to pen testing.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
I've always been interested in penetration testing but oddly enough, I had never used metasploit. So a few weeks ago I bought this book and another one about Metasploit by Syngress. I started with the Syngress one, and it was OK but it was terribly outdated so I literally had to throw it away. This one from NoStarch is a completely different story. For starters, I did a background check on the authors. I was glad to find that some of them are key members of the BackTrack Linux distro, which I'm particularly fond of. The others are well respected professionals of the information security community and have spoken at cons like Blackhat or Defcon.

So considering the experience of the authors I had high expectations and I have to say that they were surpassed.

The book starts off with a nice introduction to Penetration Testing where it explains the different phases of the process and the types of pentests. Then goes on to introduce the actual metasploit framework, covering the basic terminology, the available interfaces and the most important companion tools (msfpayload, msfencode, and so on). However, the fun begins after the introduction, where the authors show how to use metasploit to conduct a penetration test. They divide the process into three phases: intelligence gathering, vulnerability scanning and exploitation. They guide the reader through several step-by-step examples, each one demonstrating different techniques and components. The chapter on the meterpreter is specially detailed and interesting.

Apart from the basic find-a-vuln-and-exploit-it, the book also covers advanced topics such as detection avoidance, client-side attacks or social engineering. It even shows how to hack the framework and build your own modules and exploits.

Summing up...
Read more ›
Comment 14 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Kindle Edition
This book is exactly what you expect from start to finish if you are judging by the title. The authors go through the full process of conducting a penetration test and discuss the process fully in relation to the Metasploit framework. Saying that, this book will not make you an expert penetration tester and definitely doesn't substitute for broad reading. What this book definitely does do is give you the skills to get you there using Metasploit.

My only criticism is that this book covers broadly what is available in the online help. However, the authors do cover the framework in an excellent manner in an obvious order allowing even the most novice of security professionals to use the tool well.

Bottom line: this book is excellent light reading if you wish to use the Metasploit framework in a professional manner.
Comment 9 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
If you're into penetration testing and hacking, and you don't know much about Metasploit and other useful pentesting tools, then this is the place to start. The book does what it promises by being a starters guide to penetration testers, nothing more, nothing less. Experienced testers don't need a guide; you might learn a few things, yes, but don't waste your time and money for the tiny bits of new information you think you might find in it. Also, the book requires you have a basic knowledge of important hacking concepts like buffer overflows, shellcode and assembly language. If you're a total newbie to hacking, try starting out with Hacking: The Art of Exploitation Book/CD Package 2nd Edition, also printed by NoStarch Press.

As for the product, Metasploit is an awesome penetration testing tool by Rapid7, and together with its plugins, auxiliary modules and complementary products, it will be the only thing you need in your hacking adventures. Never again do you have to manually search for exploits or deploy them yourself, so that you can finally concentrate on the job at hand by freeing your hands, instead of wasting time on boring repetitive tasks.
Comment 3 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Kindle Edition Verified Purchase
I already knew Metasploit very well (or so I thought) but I've learnt a lot more through this book. No need to repeat what all the other reviewers have said, this is a well written and easy to understand book.

I bought the Kindle version, in too many cases with technical books the conversion from print to Kindle seems to have been an afterthought, but in this case it's very well done. Recommended.
Comment One person found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback Verified Purchase
This book is simply amazing and if you have an interest in using the MS framework look no further than this release. It does a great job of explaining how and why it works and also a very good guide on the most popular tools within it.

Don`t let the price put you off, you will see in the first 5 minutes of reading that you have invested wisely.
Comment One person found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
First of all the authors deserve considerable kudos for writing a very readable technical manual. Whenever you open a programming or software manual you run the risk of it being so dry that you are coughing up dust for weeks later. That is certainly not the case here. OK there may be a bit too much pointy-hair speak (entirely too much leveraging of low hanging fruit) but you can happily read several chapters at a time without any sort of pain being involved. There were a couple of presentation issues I had problems with. Firstly I found the screen capture images to be just too small - I couldn't really tell what was going on properly. Of course that may not be a problem to those with younger eyes or stronger glasses but it could cause you issues. Secondly the sections of text from the Metasploit shell jumped about between being the same width as the text or the entire width of the page (text + margins) which I found deeply annoying for some reason. (Note to the publisher - in any reprints please be constant with the format!)

In terms of technical coverage the book is excellent. It starts off with a primer on penetration testing before introducing the Metaspoit framework. The write up of the Metasploit framework itself follows a nicely graded learning curve, describing the framework and data import procedures, tool use and external modules in a logical and progressive way. I picked this book up largely from a security interest point of view and found it for the most part relatively easy to understand. Elements of chapters on module building and exploit porting went a little over my head but I'm not really the target audience for them anyway.
Read more ›
Comment 4 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse

Most Recent Customer Reviews

Pages with related products. See and discover other items: kali linux