On Aug 24 Fabien Vauthey wrote: A must read
As working closely with IT systems, this is the book I wish I have read a long time ago.
Written by David Kennedy, Jim O’Gorman, Devon Kearns and Mati Aharoni, all working in Security and contributing to security tools, the book describes precisely how a modern professional attack against an IT infrastructure is happening with the Metasploit framework. Full Review >
On Dec 5 Joe Colantonio wrote: Book Review: “Metasploit – The Penetration Tester’s Guide” by Mati Aharoni, Devon Kearns, Jim O’Gorman, David Kennedy; No Starch Press
I'm an accomplished test automation/performance engineer, but one area of testing that I'm pretty green at is penetration testing. Luckily, I came across Metasploit: The Penetration Tester's Guide, which is a book about penetration testing using the opensource Metasploit Framework testing and is a great introduction to security testing in general. Full Review >
On Nov 30 Brian McSweeney wrote: I expect it to become a valuable resource in most pen tester's libraries
Although not formally done so, the book can be considered to be structured in sections, with Chapters 1 to 6 forming the core, & the remaining 11 Chapters building on and around this.
The core section takes the pen tester, through use of example, from the very basics of the craft to carrying out exploits.
The examples used employ a combination of Back|Track, Ubuntu 9.04,
Metasploitable, and Windows XP, where Back|Track serves as the vehicle for exploitation, and the Ubuntu and Windows systems act as the target systems.... Full Review >
On Nov 10 Mat Powell wrote: Metasploit: The Penetration Testers Guide
If you’re seriously looking into doing some penetration testing, this is the book for you.
The authors quickly take you through a crash course in metasploit basics and from there start building your foundation for discovery and exploitation. You’ll start with basic navigation and OS fingerprinting and eventually get to opening up (root) sessions on the target machine through various vulnerabilities—through the notorious MS08-067, client-side exploitation, web exploits, and even SQLServer exploits. You’ll also cover some of the key auxiliary tools used—sniffers, scanners, and crawlers.
Full Review >
On Sep 8 Nick Rapson wrote: Very interesting book - well recommended
"Metasploit: The Penetration Tester's Guide" was written by Mati Aharoni, Devon Kearns, Jim O'Gorman, and David Kennedy as the ultimate guide to the Metasploit Framework. Full Review >