Chapter 7: Web Application Scanning with Metasploit
In the previous chapter, we had an overview of how Metasploit can be used to launch deceptive client-side attacks. Web applications are often considered soft targets for the attackers to get into. Due to a lack of secure Software Development Life Cycle (SDLC) practices, quite often applications contain potential vulnerabilities when developed. Web application security testing is a separate and vast subject area, so covering it completely is beyond the scope of this book. Though the Metasploit Framework is not essentially an application security scanning tool, it is flexible enough to offer modules and features that aid in detecting vulnerabilities in web applications.
In this chapter, you ...
Get Metasploit 5.0 for Beginners - Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
