Book Review: Mastering Metasploit Edition 1 & 2



Book Details:

  • Author: Nipun Jaswal
  • ISBN: 9781782162223 (Edition 1), 9781786463166 (Edition 2)
  • Publisher: PacktPub

In the crowded world of books on Metasploit, I find this book unique: most of them focus on "how to use Metasploit", but this book gives you an understanding of, and encouragement towards, porting your own exploit to Metasploit. I bought the hardcopy of edition 1 just after launch and got it signed by Nipun Jaswal. For the 2nd edition, I bought the e-book from PacktPub using the Packt credits given to me as the honorarium for reviewing other books for them, and I am waiting for my signed copy of edition 2 (Nipun, are you reading this?). In the current world of bug bounty hunters, methodological penetration testing is somewhere getting lost, and after reading both editions I was happy that the author has also tried to take each and every perspective into account while writing the chapters. A lot of effort has been put into making this a fantastic guide for the amateur and the seasoned Metasploit user alike, who could benefit from the vast support of striking images and test cases. Now I would like to take a stop here and provide an at-a-glance overview of "Mastering Metasploit".

Summary

Both editions of the book contain ten chapters, which are the following:

Version 1

1: Approaching a Penetration Test Using Metasploit
2: Reinventing Metasploit
3: The Exploit Formulation Process
4: Porting Exploits
5: Offstage Access to Testing Services
6: Virtual Test Grounds and Staging
7: Sophisticated Client-side Attacks
8: The Social Engineering Toolkit
9: Speeding Up Penetration Testing
10: Visualizing with Armitage

Version 2

1: Approaching a Penetration Test Using Metasploit
2: Reinventing Metasploit
3: The Exploit Formulation Process
4: Porting Exploits
5: Testing Services with Metasploit
6: Virtual Test Grounds and Staging
7: Client-side Exploitation
8: Metasploit Extended
9: Speeding up Penetration Testing
10: Visualizing with Armitage

While both have ten chapters, edition one is more introductory on some topics, and edition two covers the topics in more depth. To keep the context clear and precise for readers, I will go through each chapter in turn and maintain a streamlined summary of the material covered in the book.

Chapter 1: Approaching a Penetration Test using Metasploit

This chapter in both books introduces Metasploit and the procedure for setting up a testing lab environment. In edition 2 the author has gone into more depth about the tools, has also covered the benefits of Metasploit, and has discussed a methodology for pentesting an unknown network and for exploiting publicly known vulnerabilities such as the VSFTPD 2.3.4 backdoor and the HFS 2.3 RCE.

Chapter 2: Reinventing Metasploit

This chapter in both books contains information about Ruby, the heart of Metasploit, and gives an idea of how you can write your own custom modules for Metasploit. The chapter also covers writing Meterpreter scripts, and then moves on to working with Railgun, which allows you to call Windows APIs without compiling your own DLL.

Chapter 3: The Exploit Formulation Process

This chapter starts with the concepts of assembly language and states the importance of the EIP and ESP registers and of NOP and JMP instructions while writing an exploit. The section also contains brief details about stack- and SEH-based buffer overflow attacks, how to bypass DEP in Metasploit modules, and what protection mechanisms exist against them.

Chapter 4: Porting Exploits

This is one of the core chapters in the book. In it, readers get an ample amount of information about how to port exploits written in different programming languages, like Python and Perl, as well as web-based exploits, into Metasploit modules.

Chapter 5: Testing Services with Metasploit

It starts with an introduction to SCADA systems and how to exploit and secure them; after this, the chapter moves on to database exploitation, right from basics like fingerprinting. The chapter also details how one could test VoIP services by scanning the network for VoIP clients and by spoofing VoIP calls as well.

Chapter 6: Virtual Test Grounds and Staging

In this section, the author covers a vast number of subjects, like how to efficiently perform black box, white box and grey box testing on the target in scope, how to format reports, and how to use leading industry tools directly from the Metasploit console so it serves as a single point of testing for a complete penetration test.

Chapter 7: Client-side attacks

In this section, a variety of techniques that can help us attack client-based systems is explained, like browser-based exploitation and its variants, exploiting Windows-based systems using Arduino, and creating file format-based exploits. It also covers using Metasploit with DNS-spoofing attack vectors and exploiting Linux-based clients and Android devices.

Chapter 8: The Social Engineering Toolkit / Metasploit Extended

This is the chapter that differs between the two editions. In edition 1 it is about the Social Engineering Toolkit and explains it in brief detail, and in edition 2 it is about using Metasploit for post-exploitation scenarios and its extended features.

Chapter 9: Speeding up Penetration Testing

Throughout this chapter, the author focuses on faster penetration testing through automated approaches. He explains various techniques for improving the testing of databases, and for speeding up exploitation with db_autopwn and the pushm, popm, loadpath, reload and edit commands. He also explains creating resource scripts, making use of AutoRunScript, setting global variables, automating payload generation, and exploit handler setup using SET.

Chapter 10: Visualizing with Armitage

In this chapter, the author gives a good look at Armitage and its various features. He kicks off by looking at the interface and building up workspaces. He also explains how to exploit a host with Armitage using remote as well as client-side exploitation, and post-exploitation. Furthermore, he jumps into Cortana, using it to control Metasploit, and creates post-exploitation scripts, custom menus, and interfaces as well.

Final Notes

Above I have tried to give a short idea of all the chapters in both editions of the book. The step-by-step approach makes it very comfortable for readers to follow along with the book and reproduce the same steps on their own system, provided all the steps are followed exactly as the author describes them in the book.

Tips

  • The book is amazingly priced and has concise content.
  • The book has been a great benefit to previous buyers.
  • The book's primary focus is on pen-testers, and it is equally beneficial to bug-hunters.
  • The book is self-paced and covers different streams of exploitation: app, network and system.
  • The book has a huge exploit-writing section for the audiences discussed above.
  • The book can be used as a reference guide for newcomers to penetration testing.

Rating

  • For Content, I would rate it 9/10
  • For Grammar, I would rate it 8/10
  • For Technicality, I would rate it 9/10
  • For Deliverance of the subject, I would rate it 8/10

Overall Rating: 8.5/10, based on the subject, the material delivered, proof-reading, self-pacing and technicality on the subject covered. The evaluation depends on personal perspective and the reader's choice in the matter.

Recommendation

This final section covers the preliminary core concepts you would need to get into this book for a hands-on experience, along with advice which I personally think is opinion-based and technically driven. The author has taken his dedication and passion to the next level in drafting the book, and it can be seen in the effort he has put into developing the material itself.

I recommend this book to each and every InfoSec enthusiast and professional; after reading this book you will have a clear understanding of Metasploit, and your penetration testing skills will be improved.

I thank you for reading this review of "Mastering Metasploit". It has been interesting to deliver a review of the work of someone who has put his efforts right across the desk and delivered them in style. The security community wouldn't be as far along as it is now if it weren't for people like Nipun Jaswal, who have been contributing their time and investing their focus in different areas of digital security research. I hope this post has delivered an unbiased review, and I will put my efforts into making things higher quality.
