METASPLOIT-The Penetration Tester’s Guide

METASPLOt-TThe Penetration Tester’s Guide

                                            FOREWORD

Information technology is a complex field, littered with the half-dead technology of the past and an ever-increasing menagerie of new systems, software, and protocols. Securing today’s enterprise networks involves more than simply patch management, firewalls, and user education; it requires frequent realworld validation of what works and what fails. This iswhat penetration testing is all about.

                                           PREFACE 

The Metasploit Framework has long been one of the tools most widely used by information security professionals, but for a long time little documentation existed aside from the source code itself or comments on blogs. That situation changed significantly when Offensive-Security developed its online course, Metasploit Unleashed. Shortly after the course went live, No Starch Press contacted us about the possibly of creating a book to expand on our work with Metasploit
Unleashed. This book is designed to teach you the ins and outs of Metasploit and how to use the Framework to its fullest. Our coverage is selective—we won’t cover every single flag or exploit—but we give you the foundation you’ll need to understand and use Metasploit now and in future versions.

  ACKNOWLEDGMENTS

We would like to thank a number of people, beginning with the folks whose hard work provides the community with an invaluable tool. Special thanks to the Metasploit Team: HD Moore, James Lee, David
D. R de II, Tod Beardsley, Jonathan Cran, Stephen
Fewer, Joshua Drake, Mario Ceballos, Ramon Valle,