Metasploit: The Penetration Tester's Guide and over one million other books are available for Amazon Kindle. Learn more

Quantity:


	Amazon Prime Free Trial required. Sign up when you check out. Learn More

Kindle Edition Read the Kindle edition on Kindle, iPhone, iPad, Android, BlackBerry, PC and Mac.

Sell Back Your Copy

For a $6.60 Gift Card

Learn more

More Buying Choices

Have one to sell? Sell yours here

Share your own customer images

Search inside this book

Start reading Metasploit: The Penetration Tester's Guide on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Metasploit: The Penetration Tester's Guide [Paperback]

David Kennedy (Author), Jim O'Gorman (Author), Devon Kearns (Author), Mati Aharoni (Author)

4.7 out of 5 stars See all reviews (38 customer reviews) |

List Price:	$49.95
Price:	$27.24 & this item ships for FREE with Super Saver Shipping. Details
Deal Price:
You Save:	$22.71 (45%)
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.

Want it delivered Friday, February 24? Choose One-Day Shipping at checkout. Details

Formats	Amazon Price	New from	Used from
Kindle Edition	$24.52	--	--
Paperback	$27.24	--	--
Unknown Binding	--	--	--

Book Description

Publication Date: July 22, 2011

"The best guide to the Metasploit Framework." —HD Moore, Founder of the Metasploit Project

The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.

Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.

Learn how to:

Find and exploit unmaintained, misconfigured, and unpatched systems
Perform reconnaissance and find valuable information about your target
Bypass anti-virus technologies and circumvent security controls
Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
Use the Meterpreter shell to launch further attacks from inside the network
Harness standalone Metasploit utilities, third-party tools, and plug-ins
Learn how to write your own Meterpreter post exploitation modules and scripts

You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.

#outer_postBodyPS { display: none; } #psGradient { display: none; } #psPlaceHolder { display: none; } #psExpand { display: none; }

"The best guide to the Metasploit Framework." —HD Moore, Founder of the Metasploit Project

Learn how to:

Find and exploit unmaintained, misconfigured, and unpatched systems
Perform reconnaissance and find valuable information about your target
Bypass anti-virus technologies and circumvent security controls
Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
Use the Meterpreter shell to launch further attacks from inside the network
Harness standalone Metasploit utilities, third-party tools, and plug-ins
Learn how to write your own Meterpreter post exploitation modules and scripts

Frequently Bought Together

Price For All Three: $89.67

Show availability and shipping details

Buy the selected items together

This item: Metasploit: The Penetration Tester's Guide by David Kennedy Paperback $27.24

In Stock.
Ships from and sold by Amazon.com.
This item ships for FREE with Super Saver Shipping. Details
The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress Basics Series) by Patrick Engebretson Paperback $18.56

In Stock.
Ships from and sold by Amazon.com.
Eligible for FREE Super Saver Shipping on orders over $25. Details
BackTrack 5 Wireless Penetration Testing Beginner's Guide by Vivek Ramachandran Paperback $43.87

In Stock.
Ships from and sold by Amazon.com.
This item ships for FREE with Super Saver Shipping. Details

Customers Who Bought This Item Also Bought

The Basics of Hacking and Penetration Test... by Patrick Engebretson
4.9 out of 5 stars (14)

$18.56
Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson
4.5 out of 5 stars (38)

$32.97
BackTrack 5 Wireless Penetration Testing Be... by Vivek Ramachandran
4.9 out of 5 stars (17)

$43.87
The Web Application Hacker's Handbook: Fin... by Dafydd Stuttard
5.0 out of 5 stars (3)

$31.11
Nmap Network Scanning: The Official Nmap Pr... by Gordon Fyodor Lyon
4.8 out of 5 stars (38)

$32.64
Malware Analyst's Cookbook and DVD: Tools and... by Michael Ligh
4.7 out of 5 stars (13)

$36.51

Editorial Reviews

About the Author

David Kennedy is Chief Information Security Officer at Diebold Incorporated and creator of the Social-Engineer Toolkit (SET), Fast-Track, and other open source tools. He is on the Back|Track and Exploit-Database development team and is a core member of the Social-Engineer podcast and framework. Kennedy has presented at a number of security conferences including Black Hat, DEF CON, ShmooCon, Security B-Sides, and more.

Jim O'Gorman is a professional penetration tester with CSC's StrikeForce, a co-founder of Social-Engineer.org, and an instructor at Offensive-Security. He is involved in digital investigations and malware analysis, and helped build forensic capabilities into Back|Track Linux. When not working on various security issues, Jim spends his time assisting his children in their attempts to fight Zombie hordes.

Devon Kearns is an instructor at Offensive-Security, a Back|Track Linux developer, and administrator of The Exploit Database. He has contributed a number of Metasploit exploit modules and is the maintainer of the Metasploit Unleashed wiki.

Mati Aharoni is the creator of the Back|Track Linux distribution and founder of Offensive-Security, the industry leader in security training.

Product Details

Paperback: 328 pages
Publisher: No Starch Press; 1 edition (July 22, 2011)
Language: English
ISBN-10: 159327288X
ISBN-13: 978-1593272883
Product Dimensions: 9.2 x 7 x 1.2 inches
Shipping Weight: 1.4 pounds (View shipping rates and policies)

Average Customer Review: 4.7 out of 5 stars See all reviews (38 customer reviews)

Amazon Best Sellers Rank: #2,279 in Books (See Top 100 in Books)
- #1 in Books > Computers & Technology > Business & Culture > Privacy
- #3 in Books > Computers & Technology > Networking > Network Security
- #4 in Books > Computers & Technology > Security & Encryption

Would you like to update product info or give feedback on images?

More About the Authors

Discover books, learn about writers, read author blogs, and more.

David Ken...

Devon Kea...

Jim O'...

Customer Reviews

38 Reviews

5 star:		(30)
4 star:		(6)
3 star:		(1)
2 star:		(1)
1 star:		(0)

Average Customer Review

4.7 out of 5 stars (38 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

11 of 12 people found the following review helpful:

5.0 out of 5 stars "Metasploit - The Penetration Tester's Guide" by Mati Aharoni, Devon Kearns, Jim O'Gorman, David Kennedy; No Starch Press, December 5, 2011

Joe Colantonio - See all my reviews

This review is from: Metasploit: The Penetration Tester's Guide (Paperback)

I'm an accomplished test automation/performance engineer, but one area of testing that I'm pretty green at is penetration testing. Luckily, I came across Metasploit: The Penetration Tester's Guide, which is a book about penetration testing using the opensource Metasploit Framework testing and is a great introduction to security testing in general. Since I'm a complete novice when it comes to Metasploit, the book was great for getting me started with the basics of the framework. (A more experience Metasploit user, however, will probably want to read something a bit more advanced.)

The book assumes the reader has zero experience, and begins with a brief history of Metasploit and how to install it. Although you don't need to be a programmer to read it, most of the examples are written in Ruby and Python. You should also be familiar with Linux and how to set up VMs.

Overall, the book is written with a hands-on, tutorial-like style that is great for people like me who prefer to learn by doing. The book is a progression, beginning by establishing the methodologies/phases and terminology of penetration testing and an intro to the utilities and functions within the Metasploit framework. The first few chapters are a great help in getting up to speed on what penetration testing is and provide a nice overview of the different phases of a penetration test. The author then walks you through how to identify different types of vulnerabilities and how to exploit them using the tool. I really liked the sections on how to attack MS SQL, Browser-Based & File exploits and Social Engineering attacks. Many different modules of the framework are covered, as well as how to create a module. The book ends with a realistic simulation of an actual penetration test.

The author states that the book is "designed to teach you everything from the fundamentals of the Framework to advanced techniques in exploitation," and I believe the author excels in fulfilling that goal.

Note: I received a free copy of this book as part of the O'Reilly Blogger Review program.

Joe Colantonio
[...]

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

4 of 4 people found the following review helpful:

5.0 out of 5 stars Definitive Metasploit reference, January 3, 2012

Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews
(REAL NAME)

This review is from: Metasploit: The Penetration Tester's Guide (Paperback)

People who design networks or build software applications are often oblivious to security faults that their designs may have. Those serious about information security will perform or will have an outside firm perform a penetration test--which is a way to evaluate how effective the security of a network or application is. Those performing a penetration test will imitate what an attacker would do in an adversarial situation to see how the system holds up.

The Metasploit Project is an open-source security project that provides information about security vulnerabilities and assists those performing the penetration tests in building a framework in which to carry out the testing. For those looking to use the Metasploit to its fullest, Metasploit: The Penetration Tester's Guide is a valuable aid. Metasploit itself is an extremely powerful tool, but it is not an intui-tive piece of software.

While there's documentation on Metasploit available at the project Web site, the authors use the book to help the reader become more fluent in how to use the base Metasploit meth�odology to be an effective penetration tester.

The first two chapters provide an introduction to penetration testing and Metasploit. By chapter four, the reader is deep in the waters of penetration testing. The book progressively advances in complexity. And by the time the reader finishes chapter 17, he or she should have a high comfort level on how to use Metasploit.

The book is meant for someone who is technical and needs to be hands-on with Metasploit and really understand it. For firms that are looking to do their own penetration testing, Metasploit is a free open-source tool, also used by firms that charge for the service.

For those looking to jump on the Meta�sploit bandwagon, this book is a great way to do that.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

27 of 39 people found the following review helpful:

3.0 out of 5 stars Good to a certain point, August 3, 2011

Alexander Reaves - See all my reviews

Amazon Verified Purchase(What's this?)

This review is from: Metasploit: The Penetration Tester's Guide (Paperback)

I really enjoyed reading the Metasploit book. I would have to agree with one of the readers that most of the information can be found on the Metasploit Unleashed website. My only problem is that it did not push the envelope on the advance features of Metasploit. But over all this is still one hell of a book.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

Share your thoughts with other customers: Create your own review

› See all 38 customer reviews...

Most Recent Customer Reviews

5.0 out of 5 stars Shouldn't be so easy lol
This book is crazy. It will have you up and running exploits in no time at all. I'm currently about half way through it, and am loving it.

Published 19 days ago by John Ostrander

4.0 out of 5 stars A worth reading book for introducing the framework to beginers.
The book covers the basics of using Metasploit with other related tools (SET and Fast-Track). If the reader is expecting to become a penetration tester expert by reading this book... Read more

Published 25 days ago by Roberto Medina

5.0 out of 5 stars Great intro to metasploit and advanced learning
As a newbie to the world of pentests and exploitations, I found this book to be extremely helpful. I first saw it at DEFCON vegas 2011, and there was only a single copy left, so... Read more

Published 1 month ago by Daren K. Presbitero

5.0 out of 5 stars A good tutorial on a rapidly changing tool
I am teaching an ethical hacking class this summer and I have decided to adopt this book and Vivek Ramachandran's BT5 Wireless Pentration Testing text for the course. Read more

Published 2 months ago by Philip A. Polstra

5.0 out of 5 stars Worth every Dollar.
I've always been interested in penetration testing but oddly enough, I had never used metasploit. So a few weeks ago I bought this book and another one about Metasploit by... Read more

Published 2 months ago by L. Garcia

5.0 out of 5 stars A Solid Book that you will use for a long time
I actually had the opportunity to read this book a few times. I had the pleasure of reading it before it was printed to help with editing and then also after print... Read more

Published 3 months ago by Chris Hadnagy

4.0 out of 5 stars Excellent if slightly scary!
First of all the authors deserve considerable kudos for writing a very readable technical manual. Whenever you open a programming or software manual you run the risk of it being... Read more

Published 4 months ago by renaissance geek

5.0 out of 5 stars Metasploit Review
Metasploit is an open source framework for penetration testing. The Metasploit 4.0 framework is currently available for free download for Windows, Linux and Unix... Read more

Published 4 months ago by eli

5.0 out of 5 stars Perfect
Between the credentials of each author, you would expect a masterpiece. This book is that masterpiece, and it does not disappoint on any level. Read more

Published 4 months ago by M. Cyr

4.0 out of 5 stars Great How-To
I was ready to get into this book being disappointed, since I work on and with Metasploit pretty much all the time. Read more

Published 4 months ago by Tod Beardsley

› See all 38 customer reviews...

Inside This Book (learn more)

What Other Items Do Customers Buy After Viewing This Item?

The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress Basics Series) by Patrick Engebretson Paperback
4.9 out of 5 stars (14)

$18.56

BackTrack 5 Wireless Penetration Testing Beginner's Guide by Vivek Ramachandran Paperback
4.9 out of 5 stars (17)

$43.87

Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson Paperback
4.5 out of 5 stars (38)

$32.97

The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws by Dafydd Stuttard Paperback
5.0 out of 5 stars (3)

$31.11

› Explore similar items

Tags Customers Associate with This Product

(What's this?)

Click on a tag to find related items, discussions, and people.

computer security(6)

hacking(5)

information security(5)

network security(5)

penetration testing(5)

security(5)

awsome(1)

Agree with these tags?

See all 9 tags...

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }

Customer Discussions

This product's forum

Discussion	Replies	Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight

Start a new discussion

Topic:

First post:

Receive e-mail when new posts are made

Prompts for sign-in

Guidelines

Active discussions in related forums

Discussion	Replies	Latest Post
Textbook Buyback forum Textbook Buy Back Scams	6	3 hours ago
Textbook Buyback forum Said it was the wrong isbn and then returned book and is now a lower price	0	4 hours ago
Textbook Buyback forum Book Trade-In	6	6 hours ago
Textbook Buyback forum Is it OK if I used it to nudge several people towards Death Valley with it?	2479	12 hours ago
Textbook Buyback forum Recents problems with Amazon's trade in program	68	1 day ago
Textbook Buyback forum Should I?	2	2 days ago
Textbook Buyback forum Gift card question	1	4 days ago
Textbook Buyback forum Your review to the textbook trade-in service	18	5 days ago