Book Review – Metasploit: The Penetration Tester’s Guide
Want a great book on Backtrack 5 and the Metasploit Framework? Look no further than “Metasploit: The Penetration Tester’s Guide” written by the all star cast of David Kennedy (One of my favorite security speakers and creator of the Social Engineering Toolkit), Jim O’Gorman (instructor at Offensive-Security), Devon Kearns (a BackTrack Linux developer), and Mati Aharoni (created BackTrack and founder of Offensive-Security).
Arguably my favorite book for 2012, this is the most complete and comprehensive instruction book for Metasploit that I have seen so far. The authors walk you step by step, command by command through using the Metasploit Framework as a penetration tester. You move quickly from the basics of Penetration testing through using the platform to perform the different phases of intelligence gathering and exploitation.
The exploiting sections are very good, covering the famous exploitation techniques of attacking MS SQL, dumping password hashes, pass the hash & token impersonation, killing anti-virus and gathering intelligence from the system to pivot deeper into the target network.
The book also covers building your own Metasploit modules and creating your own exploits.
I love the book because the authors give you a short overview of the topic, then jump right into hands on – showing you the commands to use, and then dissecting the output and explaining step by step what is happening and what was accomplished.
Excellent book for anyone interested in a hands on approach to computer security, the Metaslpoit pro who wants a great reference book and those new to Metasploit that want a step by step instruction manual.
Metasploit: The Penetration Tester’s Guide – Check it out!
~ by D. Dieterle on April 6, 2012.