Please Sign Up to Request This Product


The Penetration Tester's Guide

You need to be an approved reviewer to request a product. Please sign up to request access or login to your account.

If you've already signed up and you haven't heard from us yet please email and we will check on your request.


"The best guide to the Metasploit Framework."—HD Moore, Founder of the Metasploit Project

The Metasploit Framework is a powerful suite of tools that security researchers use to investigate and resolve potential network and system vulnerabilities. Metasploit: The Penetration Tester's Guide shows readers how to assess networks by using Metasploit to launch simulated attacks that expose weaknesses in their security.


On Aug 24 Fabien Vauthey wrote: A must read
As working closely with IT systems, this is the book I wish I have read a long time ago. Written by David Kennedy, Jim O’Gorman, Devon Kearns and Mati Aharoni, all working in Security and contributing to security tools, the book describes precisely how a modern professional attack against an IT infrastructure is happening with the Metasploit framework. Full Review  >

Rating: StarStarStarStarStar5.0

On Dec 5 Joe Colantonio wrote: Book Review: “Metasploit – The Penetration Tester’s Guide” by Mati Aharoni, Devon Kearns, Jim O’Gorman, David Kennedy; No Starch Press
I'm an accomplished test automation/performance engineer, but one area of testing that I'm pretty green at is penetration testing. Luckily, I came across Metasploit: The Penetration Tester's Guide, which is a book about penetration testing using the opensource Metasploit Framework testing and is a great introduction to security testing in general. Full Review  >

Rating: StarStarStarStarStar5.0

On Nov 30 Brian McSweeney wrote: I expect it to become a valuable resource in most pen tester's libraries
Although not formally done so, the book can be considered to be structured in sections, with Chapters 1 to 6 forming the core, & the remaining 11 Chapters building on and around this. The core section takes the pen tester, through use of example, from the very basics of the craft to carrying out exploits. The examples used employ a combination of Back|Track, Ubuntu 9.04, Metasploitable, and Windows XP, where Back|Track serves as the vehicle for exploitation, and the Ubuntu and Windows systems act as the target systems.... Full Review  >

Rating: StarStarStarStarStar4.0

On Nov 10 Mat Powell wrote: Metasploit: The Penetration Testers Guide
If you’re seriously looking into doing some penetration testing, this is the book for you. The authors quickly take you through a crash course in metasploit basics and from there start building your foundation for discovery and exploitation. You’ll start with basic navigation and OS fingerprinting and eventually get to opening up (root) sessions on the target machine through various vulnerabilities—through the notorious MS08-067, client-side exploitation, web exploits, and even SQLServer exploits. You’ll also cover some of the key auxiliary tools used—sniffers, scanners, and crawlers. Full Review  >

Rating: StarStarStarStarStar5.0

On Sep 8 Nick Rapson wrote: Very interesting book - well recommended
"Metasploit: The Penetration Tester's Guide" was written by Mati Aharoni, Devon Kearns, Jim O'Gorman, and David Kennedy as the ultimate guide to the Metasploit Framework. Full Review  >

Rating: StarStarStarStarStar4.0

Receive free ebooks and videos in exchange for your reviews.

Join the O'Reilly Reader Review Program

Learn more >


Top Reviewers

Michal Konrad Owsiak, 94 Reviews

Santosh Shanbhag, 61 Reviews

Surachart Opun, 60 Reviews

Doron Katz, 57 Reviews

Shawn Day, 55 Reviews

See More Reviewers >

Featured Review

The Linux Command Line

Jeffery Rine wrote:
Excellent Intro to the Linux Command Line
The book is well written and a pleasure to read. The code examples worked, the… Full Review >

Rating: StarStarStarStarStar5.0