Metasploit: The Penetration Tester's Guide

Paperback: $33.21 (Save 33%, $49.95 List Price)

NOOK Book (eBook): $22.99 (Save 42%, $39.95 List Price)


"The best guide to the Metasploit Framework."—HD Moore, Founder of the Metasploit Project

The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.

Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.

Learn how to:

  • Find and exploit unmaintained, misconfigured, and unpatched systems
  • Perform reconnaissance and find valuable information about your target
  • Bypass anti-virus technologies and circumvent security controls
  • Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
  • Use the Meterpreter shell to launch further attacks from inside the network
  • Harness standalone Metasploit utilities, third-party tools, and plug-ins
  • Write your own Meterpreter post-exploitation modules and scripts

You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.

Product Details

  • ISBN-13: 9781593272883
  • Publisher: No Starch Press San Francisco, CA
  • Publication date: 7/21/2011
  • Edition number: 1
  • Pages: 328
  • Sales rank: 130,465
  • Product dimensions: 6.90 (w) x 9.20 (h) x 1.20 (d)

Meet the Author

David Kennedy is Chief Information Security Officer at Diebold Incorporated and creator of the Social-Engineer Toolkit (SET), Fast-Track, and other open source tools. He is on the Back|Track and Exploit-Database development team and is a core member of the Social-Engineer podcast and framework. Kennedy has presented at a number of security conferences including Black Hat, DEF CON, ShmooCon, Security B-Sides, and more.

Jim O'Gorman is a professional penetration tester with CSC's StrikeForce, a co-founder of, and an instructor at Offensive-Security. He is involved in digital investigations and malware analysis, and helped build forensic capabilities into Back|Track Linux. When not working on various security issues, Jim spends his time assisting his children in their attempts to fight Zombie hordes.

Devon Kearns is an instructor at Offensive-Security, a Back|Track Linux developer, and administrator of The Exploit Database. He has contributed a number of Metasploit exploit modules and is the maintainer of the Metasploit Unleashed wiki.

Mati Aharoni is the creator of the Back|Track Linux distribution and founder of Offensive-Security, the industry leader in security training.

Table of Contents

Special Thanks;
Why Do a Penetration Test?;
Why Metasploit?;
A Brief History of Metasploit;
About This Book;
What’s in the Book?;
A Note on Ethics;
Chapter 1: The Absolute Basics of Penetration Testing;
1.1 The Phases of the PTES;
1.2 Types of Penetration Tests;
1.3 Vulnerability Scanners;
1.4 Pulling It All Together;
Chapter 2: Metasploit Basics;
2.1 Terminology;
2.2 Metasploit Interfaces;
2.3 Metasploit Utilities;
2.4 Metasploit Express and Metasploit Pro;
2.5 Wrapping Up;
Chapter 3: Intelligence Gathering;
3.1 Passive Information Gathering;
3.2 Active Information Gathering;
3.3 Targeted Scanning;
3.4 Writing a Custom Scanner;
3.5 Looking Ahead;
Chapter 4: Vulnerability Scanning;
4.1 The Basic Vulnerability Scan;
4.2 Scanning with NeXpose;
4.3 Scanning with Nessus;
4.4 Specialty Vulnerability Scanners;
4.5 Using Scan Results for Autopwning;
Chapter 5: The Joy of Exploitation;
5.1 Basic Exploitation;
5.2 Exploiting Your First Machine;
5.3 Exploiting an Ubuntu Machine;
5.4 All-Ports Payloads: Brute Forcing Ports;
5.5 Resource Files;
5.6 Wrapping Up;
Chapter 6: Meterpreter;
6.1 Compromising a Windows XP Virtual Machine;
6.2 Dumping Usernames and Passwords;
6.3 Pass the Hash;
6.4 Privilege Escalation;
6.5 Token Impersonation;
6.6 Using ps;
6.7 Pivoting onto Other Systems;
6.8 Using Meterpreter Scripts;
6.9 Leveraging Post Exploitation Modules;
6.10 Upgrading Your Command Shell to Meterpreter;
6.11 Manipulating Windows APIs with the Railgun Add-On;
6.12 Wrapping Up;
Chapter 7: Avoiding Detection;
7.1 Creating Stand-Alone Binaries with MSFpayload;
7.2 Evading Antivirus Detection;
7.3 Custom Executable Templates;
7.4 Launching a Payload Stealthily;
7.5 Packers;
7.6 A Final Note on Antivirus Software Evasion;
Chapter 8: Exploitation Using Client-Side Attacks;
8.1 Browser-Based Exploits;
8.2 Using Immunity Debugger to Decipher NOP Shellcode;
8.3 Exploring the Internet Explorer Aurora Exploit;
8.4 File Format Exploits;
8.5 Sending the Payload;
8.6 Wrapping Up;
Chapter 9: Metasploit Auxiliary Modules;
9.1 Auxiliary Modules in Use;
9.2 Anatomy of an Auxiliary Module;
9.3 Going Forward;
Chapter 10: The Social-Engineer Toolkit;
10.1 Configuring the Social-Engineer Toolkit;
10.2 Spear-Phishing Attack Vector;
10.3 Web Attack Vectors;
10.4 Infectious Media Generator;
10.5 Teensy USB HID Attack Vector;
10.6 Additional SET Features;
10.7 Looking Ahead;
Chapter 11: Fast-Track;
11.1 Microsoft SQL Injection;
11.2 Binary-to-Hex Generator;
11.3 Mass Client-Side Attack;
11.4 A Few Words About Automation;
Chapter 12: Karmetasploit;
12.1 Configuration;
12.2 Launching the Attack;
12.3 Credential Harvesting;
12.4 Getting a Shell;
12.5 Wrapping Up;
Chapter 13: Building Your Own Module;
13.1 Getting Command Execution on Microsoft SQL;
13.2 Exploring an Existing Metasploit Module;
13.3 Creating a New Module;
13.4 The Power of Code Reuse;
Chapter 14: Creating Your Own Exploits;
14.1 The Art of Fuzzing;
14.2 Controlling the Structured Exception Handler;
14.3 Hopping Around SEH Restrictions;
14.4 Getting a Return Address;
14.5 Bad Characters and Remote Code Execution;
14.6 Wrapping Up;
Chapter 15: Porting Exploits to the Metasploit Framework;
15.1 Assembly Language Basics;
15.2 Porting a Buffer Overflow;
15.3 SEH Overwrite Exploit;
15.4 Wrapping Up;
Chapter 16: Meterpreter Scripting;
16.1 Meterpreter Scripting Basics;
16.2 Meterpreter API;
16.3 Rules for Writing Meterpreter Scripts;
16.4 Creating Your Own Meterpreter Script;
16.5 Wrapping Up;
Chapter 17: Simulated Penetration Test;
17.1 Pre-engagement Interactions;
17.2 Intelligence Gathering;
17.3 Threat Modeling;
17.4 Exploitation;
17.5 Customizing MSFconsole;
17.6 Post Exploitation;
17.7 Attacking Apache Tomcat;
17.8 Attacking Obscure Services;
17.9 Covering Your Tracks;
17.10 Wrapping Up;
Configuring Your Target Machines;
Installing and Setting Up the System;
Booting Up the Linux Virtual Machines;
Setting Up a Vulnerable Windows XP Installation;
Cheat Sheet;
MSFconsole Commands;
Meterpreter Commands;
MSFpayload Commands;
MSFencode Commands;
MSFcli Commands;
MSF, Ninja, Fu;
Meterpreter Post Exploitation Commands;

Customer Reviews

Average Rating: 5 (8 reviews)

  • Anonymous

    Posted December 1, 2011

    Worth every dollar!

    I've always been interested in penetration testing but oddly enough, I had never used Metasploit. So a few weeks ago I bought this book and another one about Metasploit by Syngress. I started with the Syngress one, and it was OK but it was terribly outdated so I literally had to throw it away. This one from NoStarch is a completely different story. For starters, I did a background check on the authors. I was glad to find that some of them are key members of the BackTrack Linux distro, which I'm particularly fond of. The others are well respected professionals of the information security community and have spoken at cons like Blackhat or Defcon. So considering the experience of the authors I had high expectations and I have to say that they were surpassed. The book starts off with a nice introduction to Penetration Testing where it explains the different phases of the process and the types of pentests. Then goes on to introduce the actual Metasploit framework, covering the basic terminology, the available interfaces and the most important companion tools (msfpayload, msfencode, and so on). However, the fun begins after the introduction, where the authors show how to use Metasploit to conduct a penetration test. They divide the process into three phases: intelligence gathering, vulnerability scanning and exploitation. They guide the reader through several step-by-step examples, each one demonstrating different techniques and components. The chapter on the Meterpreter is specially detailed and interesting. Apart from the basic find-a-vuln-and-exploit-it, the book also covers advanced topics such as detection avoidance, client-side attacks or social engineering. It even shows how to hack the framework and build your own modules and exploits. Summing up... I really liked the book, I think it's worth every dollar. I wanted to learn how to use Metasploit and I did it. Of course, the book does not cover every single exploit and module available but it does a great job at teaching you how to use Metasploit to conduct a penetration test and compromise the security of your systems.

    2 out of 2 people found this review helpful.

  • Anonymous

    Posted January 27, 2012

    Highly Recommended

    This book is truly something else. I've read this book in full and without a doubt I highly recommend this book to advanced, and those that are new to Metasploit. I'm not new to Metasploit. I've been playing with it for 3 years off and on and this book is PACKED with information, a lot (not going to lie) that I didn't know. If you're looking to learn right from the source, you're in the right place. The authors are truly talented on exploitation testing.

    1 out of 1 people found this review helpful.

  • Posted July 11, 2013

    Metasploit: The Penetration Tester’s Guide by David Kennedy, Jim

    Metasploit: The Penetration Tester’s Guide by David Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni (O’Reilly Media) is very detailed and extremely valuable in demonstrating how penetration testing can be done using Metasploit along with having the great side-benefit of being able to learn about general methods and processes a pentester will go through during the testing cycle (PTES methodology).

    The initial chapters deal with introducing the reader to the PTES methodology and Metasploit as a testing product. As the chapters progress the authors push the reader deeper and deeper into the Metasploit product’s features along with how to use those features to complete the penetration test processes. In the appendix, the authors have provided instructions on how to configure test environments that can support your exploits without sending the Feds to your front door.

    Overall, this book is a good resource for those people that have good technical skills in Ruby and are comfortable in a Linux environment that want to understand penetration testing and the Metasploit product.

  • Anonymous

    Posted April 5, 2013

    Great book

    Read this fully and use it as a quick resource! Great book! Would definitely recommend it to all penetration testers, new or old!

  • Anonymous

    Posted January 17, 2013

    Great source

    This book is a great source for learning how to use Metasploit. It has everything on Metasploit with great explanation and very clear examples.

  • Anonymous

    Posted November 18, 2011

    No text was provided for this review.

  • Anonymous

    Posted November 23, 2012

    No text was provided for this review.

  • Anonymous

    Posted June 15, 2012

    No text was provided for this review.
