GCIH GIAC Certified Incident Handler All-in-One Exam Guide

CHAPTER 5 Vulnerability Exploitation

In this chapter you will learn how to use

• Tcpdump

• Wireshark

• Metasploit

• Armitage

• Netcat

• SET

• BeEF

Metasploit and netcat are within the GCIH exam scope. The Browser Exploitation Framework (BeEF), tcpdump and Wireshark are not explicitly required, but I highly recommend you review their operation and experiment with packet captures when running various commands and exploits. BeEF provides a great way of learning how to pass exploits on target browsers. Wireshark and tcpdump can prove extremely useful not only for incident response but also for various troubleshooting scenarios. As I always like to say, traffic doesn’t lie. Finally, Armitage and SET are also not explicitly related ...

Get GCIH GIAC Certified Incident Handler All-in-One Exam Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

GCIH GIAC Certified Incident Handler All-in-One Exam Guide by Nick Mitropoulos

CHAPTER 5

Vulnerability Exploitation

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly