David Kennedy is Chief Information Security Officer at Diebold Incorporated and creator of the Social-Engineer Toolkit (SET), Fast-Track, and other open source tools. He is on the Back|Track and Exploit-Database development team and is a core member of the Social-Engineer podcast and framework. Kennedy has presented at a number of security conferences including Black Hat, DEF CON, ShmooCon, Security B-Sides, and more.
Jim O'Gorman (Elwood) is a professional penetration tester, an instructor at Offensive Security, and manages Offensive Security’s consulting services. Jim has lived online from the times of BBS’s, to FidoNet, to when SLIP connections were the new hotness. Jim spends time on network intrusion simulation, digital investigations, and malware analysis. When not working on various security issues, Jim spends his time assisting his children in their attempts to fight Zombie hordes.
Devon Kearns is an instructor at Offensive-Security, a Back|Track Linux developer, and administrator of The Exploit Database. He has contributed a number of Metasploit exploit modules and is the maintainer of the Metasploit Unleashed wiki.
Mati Aharoni is the creator of the Back|Track Linux distribution and founder of Offensive-Security, the industry leader in security training.
"The best guide to the Metasploit Framework." --HD Moore, Founder of the Metasploit Project The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors. Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks. Learn how to: * Find and exploit unmaintained, misconfigured, and unpatched systems * Perform reconnaissance and find valuable information about your target * Bypass anti-virus technologies and circumvent security controls * Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery * Use the Meterpreter shell to launch further attacks from inside the network * Harness standalone Metasploit utilities, third-party tools, and plug-ins * Learn how to write your own Meterpreter post exploitation modules and scripts You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.
發表於2024-12-25
Metasploit 2024 pdf epub mobi 電子書 下載
一直在讀這本書,整體感覺很好,說不上來到底好在哪裏,但是每次閱讀總能發現點以往沒注意到的東西,我對書的觀念就是“一本好書它不在於價格的高低,不在於閱讀人數的多少,而在於每次閱讀時是否能帶給你不一樣的東西!"恰巧這本書做到瞭,所以我推薦大傢一起來閱讀以下吧。
評分大傢好,我是這本書的主要翻譯者之一。這本書對研究計算機和網絡安全,進行滲透測試和風險評估是有很大幫助的,目前metasploit的更新的速度也是非常快的,如果大傢有什麼新的問題,歡迎提齣來,我們會盡量解決。 同時歡迎大傢在閱讀此書的同時,提齣自己寶貴的建議和意見並反饋...
評分大傢好,我是這本書的主要翻譯者之一。這本書對研究計算機和網絡安全,進行滲透測試和風險評估是有很大幫助的,目前metasploit的更新的速度也是非常快的,如果大傢有什麼新的問題,歡迎提齣來,我們會盡量解決。 同時歡迎大傢在閱讀此書的同時,提齣自己寶貴的建議和意見並反饋...
評分一直在讀這本書,整體感覺很好,說不上來到底好在哪裏,但是每次閱讀總能發現點以往沒注意到的東西,我對書的觀念就是“一本好書它不在於價格的高低,不在於閱讀人數的多少,而在於每次閱讀時是否能帶給你不一樣的東西!"恰巧這本書做到瞭,所以我推薦大傢一起來閱讀以下吧。
評分大傢好,我是這本書的主要翻譯者之一。這本書對研究計算機和網絡安全,進行滲透測試和風險評估是有很大幫助的,目前metasploit的更新的速度也是非常快的,如果大傢有什麼新的問題,歡迎提齣來,我們會盡量解決。 同時歡迎大傢在閱讀此書的同時,提齣自己寶貴的建議和意見並反饋...
圖書標籤: 滲透測試 信息安全 安全 Metasploit 安全滲透 滲透 Hack 計算機科學
把metasploit的每個功能模塊都仔細介紹瞭一番,但考慮到pentest真實環境的復雜性和具體需求,本書可以作為參考。
評分隻是一本供初學者瞭解 metasploit 框架的書籍,不是特彆的具有實戰性質。完全是一本A 到 Z的書籍。 雖然有部分章節講述如何自己編寫一個Module,但是雞肋啊
評分切菜必備。
評分切菜必備。
評分讀後:草草的看完瞭這本書,收獲很大。一直希望找一個係統的講解bt或者meta的教程,未果。開發團隊寫的教程,自然比起那些零散的資料來的更具有可讀性。非常不錯,入門教程! 讀前:如果你研究信息安全,告訴我一個不讀這本書的理由?
Metasploit 2024 pdf epub mobi 電子書 下載