Metasploit: The Penetration Tester’s Guide - A Review

Monday, May 28, 2012

Dan Dieterle

B64e021126c832bb29ec9fa988155eaf

Want a great book on Backtrack 5 and the Metasploit Framework?

Look no further than “Metasploit: The Penetration Tester’s Guide” written by the all star cast of David Kennedy (One of my favorite security speakers and creator of the Social Engineering Toolkit), Jim O’Gorman (instructor at Offensive-Security), Devon Kearns (a BackTrack Linux developer), and Mati Aharoni (created BackTrack and founder of Offensive-Security).

Arguably my favorite book for 2012, this is the most complete and comprehensive instruction book for Metasploit that I have seen so far.

The authors walk you step by step, command by command through using the Metasploit Framework as a penetration tester.

You move quickly from the basics of Penetration testing through using the platform to perform the different phases of intelligence gathering and exploitation.

The exploiting sections are very good, covering the famous exploitation techniques of attacking MS SQL, dumping password hashes, pass the hash & token impersonation, killing anti-virus and gathering intelligence from the system to pivot deeper into the target network.

The book also covers building your own Metasploit modules and creating your own exploits.

I love the book because the authors give you a short overview of the topic, then jump right into hands on – showing you the commands to use, and then dissecting the output and explaining step by step what is happening and what was accomplished.

Excellent book for anyone interested in a hands on approach to computer security, the Metaslpoit pro who wants a great reference book and those new to Metasploit that want a step by step instruction manual.

Metasploit: The Penetration Tester’s Guide – Check it out!

Cross-posted from Cyber Arms

Possibly Related Articles:
13988
Network->General
Software
Hacking Training Penetration Testing Backtrack Metasploit Exploits Book Review Pentesting
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.