On Jun 16 Carol Fenijn wrote: Review of the book: METASPLOIT, The Penetration Tester's Guide, by David Kennedy, Jim O'Gorman, Devon Kearns and Mati Aharoni
The following is a review of the book METASPLOIT, The Penetration Tester's Guide, by David Kennedy, Jim O'Gorman, Devon Kearns and Mati Aharoni, no starch press, San Francisco, 2011. In a nutshell: This book is a must have for penetration testers. It is an excellent introduction to the Metasploit Framework, that is useful for both beginners and people who would like to leverage their own exploits, using the framework. One thing that stands out in this book from my own point of view is, that one can use Metasploit for the automation of Social Engineering purposes as well. It is not a thing I intend to use myself, but it is absolutely useful to learn about it, first hand from the person who implemented the Social-Engineer Toolkit (SET), himself, David Kennedy. The other authors of the book are also productive people in the field of security. To those who want to write code themselves and use that with metasploit, this book offers a very low threshold introduction.
Full Review >
On Jul 11 Jason Armstrong wrote:
Full Review >
On Jun 23 Virginia Benedict wrote: METASPLOIT The Penetration Tester’s Guide
A must read for Information Security Professionals and Stake Holders:
This Guide offers a wealth of information to both the novice as Tutorial and the experienced as Reference. For starters, the Novice will learn relevant steps on how to get started; and the Experienced with benefit from the discussions on Methodology. Program Managers and Stake Holders will benefit from a managers perspective Full Review >
On Jun 15 Fabio Alessandro Locati wrote: Really good book
Metasploit is the most common and complete framework for testing security. Metasploit is an entire suite of tools and methodologies designed for testing the security of computers and networks. Full Review >
On Aug 24 Fabien Vauthey wrote: A must read
As working closely with IT systems, this is the book I wish I have read a long time ago.
Written by David Kennedy, Jim O’Gorman, Devon Kearns and Mati Aharoni, all working in Security and contributing to security tools, the book describes precisely how a modern professional attack against an IT infrastructure is happening with the Metasploit framework. Full Review >
On Dec 5 Joe Colantonio wrote: Book Review: “Metasploit – The Penetration Tester’s Guide” by Mati Aharoni, Devon Kearns, Jim O’Gorman, David Kennedy; No Starch Press
I'm an accomplished test automation/performance engineer, but one area of testing that I'm pretty green at is penetration testing. Luckily, I came across Metasploit: The Penetration Tester's Guide, which is a book about penetration testing using the opensource Metasploit Framework testing and is a great introduction to security testing in general. Full Review >
On Nov 30 Brian McSweeney wrote: I expect it to become a valuable resource in most pen tester's libraries
Although not formally done so, the book can be considered to be structured in sections, with Chapters 1 to 6 forming the core, & the remaining 11 Chapters building on and around this.
The core section takes the pen tester, through use of example, from the very basics of the craft to carrying out exploits.
The examples used employ a combination of Back|Track, Ubuntu 9.04,
Metasploitable, and Windows XP, where Back|Track serves as the vehicle for exploitation, and the Ubuntu and Windows systems act as the target systems.... Full Review >
On Nov 10 Mat Powell wrote: Metasploit: The Penetration Testers Guide
If you’re seriously looking into doing some penetration testing, this is the book for you.
The authors quickly take you through a crash course in metasploit basics and from there start building your foundation for discovery and exploitation. You’ll start with basic navigation and OS fingerprinting and eventually get to opening up (root) sessions on the target machine through various vulnerabilities—through the notorious MS08-067, client-side exploitation, web exploits, and even SQLServer exploits. You’ll also cover some of the key auxiliary tools used—sniffers, scanners, and crawlers.
Full Review >
On Sep 8 Nick Rapson wrote: Very interesting book - well recommended
"Metasploit: The Penetration Tester's Guide" was written by Mati Aharoni, Devon Kearns, Jim O'Gorman, and David Kennedy as the ultimate guide to the Metasploit Framework. Full Review >