Press Release

Email. Email press release link

July 7, 2011

Metasploit--New from No Starch Press: New Book Promises to be the Definitive Guide to Using Metasploit for Penetration Testing


Request Review copy

San Francisco, CA, July 7, 2011—The free and open source Metasploit Framework is the most popular suite of penetration testing tools in the world, with more than one million downloads yearly. But despite its popularity, Metasploit has—until now—lacked an authoritative user's guide.

Hailed by HD Moore, the founder of the Metasploit Project, as "the best guide to the Metasploit Framework available today," Metasploit: The Penetration Tester's Guide (No Starch Press, July 2011, 328 pp., $49.95, ISBN 9781593272883) teaches readers how to identify vulnerabilities in networks by using Metasploit to launch simulated attacks. The book's authors, acknowledged Metasploit gurus, begin by building a foundation for penetration testing and establishing a methodology. From there, they explain the Framework's conventions, interfaces, and module system, and then move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, devastating wireless attacks, and targeted social-engineering attacks.

"These days, everyone's a target," said No Starch Press founder Bill Pollock. "Consider Sony PlayStation, Lockheed Martin, the IMF, and Citigroup—all attacked in big ways, just this year. We're excited to release Metasploit: The Penetration Tester's Guide at this critical time because every business needs to make sure that its networks are secure. The Metasploit Framework is arguably the most powerful tool we have in our arsenal."

Metasploit: The Penetration Tester's Guide shows penetration testers how to:

  • Find exploits in unmaintained, misconfigured, and unpatched systems
  • Perform reconnaissance and find valuable information about a target
  • Bypass antivirus technologies and circumvent security controls
  • Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
  • Use the Meterpreter shell to launch attacks from inside a network
  • Harness stand-alone Metasploit utilities, third-party tools, and plug-ins
  • Learn how to write Meterpreter post exploitation modules and scripts

Whether readers' goals are to secure their own network or to put someone else's to the test, Metasploit: The Penetration Tester's Guide is without doubt the essential guide to using Metasploit.

For more information or to request a review copy of Metasploit: The Penetration Tester's Guide, contact Travis Peterson at No Starch Press (, +1.415.863.9900 x100), or visit

About the Authors

David Kennedy is Chief Information Security Officer at Diebold Incorporated and creator of the Social-Engineer Toolkit (SET), Fast-Track, and other open source tools. He is on the Back|Track and Exploit-Database development team and is a core member of the Social-Engineer podcast and framework. Kennedy has presented at several security conferences including Black Hat, DEF CON, ShmooCon, Security B-Sides, and more.

Jim O'Gorman is a professional penetration tester with CSC's StrikeForce, co-founder of, and an instructor at Offensive-Security. He is involved in digital investigations and malware analysis, and helped build forensic capabilities into Back|Track Linux. When not working on various security issues, Jim spends his time assisting his children in their attempts to fight Zombie hordes.

Devon Kearns is an instructor at Offensive-Security, a Back|Track Linux developer, and administrator of The Exploit Database. He has contributed a number of Metasploit exploit modules and is the maintainer of the Metasploit Unleashed wiki.

Mati Aharoni is the creator of the Back|Track Linux distribution and founder of Offensive-Security, the industry leader in security training.

Additional Resources
Chapter 8: "Exploitation Using Client-Side Attacks" (PDF)
Table of Contents
Detailed Table of Contents (PDF)
Index (PDF)
No Starch Press Catalog Page

Metasploit Metasploit: The Penetration Tester's Guide
Publisher: No Starch Press
by David Kennedy, Jim O'Gorman, Devon Kearns, and Mati Aharoni
ISBN 9781593272883, $49.95 USD  
July 2011, 328 pp.

Request Review copy

Available in fine bookstores everywhere, from, or directly from No Starch Press (,, 1-800-420-7240).

About No Starch Press
Founded in 1994, No Starch Press is one of the few remaining independent computer book publishers. We publish the finest in geek entertainment—unique books on technology, with a focus on open source, security, hacking, programming, alternative operating systems, LEGO, science, and math. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. Visit for a complete catalog.

About O'Reilly

O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.

Return to: O'Reilly Press Room

Recent Press Releases

3/21/16 Oriole Online Tutorials: Learning through narrative and computable content
7/8/15 O'Reilly Media Announces Next:Economy
4/27/15 O'Reilly Media and dpunkt.verlag partner on technology media offerings in Germany
12/3/14 O'Reilly Media Announces New Event--Bitcoin & The Blockchain: An O'Reilly Radar Summit
11/5/14 O'Reilly Media Acquires Video-Training Firm Infinite Skills

Press Release Archive »


Press Contacts


Sara Winge
800/998-9938 x7109

Media Relations - North America & Conferences

Maureen Jennings
800/998-9938 x7083

Media Relations - Germany

Corina Pahrmann

Media Relations - Japan

Fumi Yamakawa

Media Relations - United Kingdom

Helen Coding
+44 (0)1252-721284