EUR 40,00
  • Tous les prix incluent la TVA.
Il ne reste plus que 2 exemplaire(s) en stock (d'autres exemplaires sont en cours d'acheminement).
Expédié et vendu par Amazon. Emballage cadeau disponible.
Metasploit - The Penetrat... a été ajouté à votre Panier
Vous l'avez déjà ?
Repliez vers l'arrière Repliez vers l'avant
Ecoutez Lecture en cours... Interrompu   Vous écoutez un extrait de l'édition audio Audible
En savoir plus
Voir les 3 images

Metasploit - The Penetration Tester′s Guide (Anglais) Broché – 15 juillet 2011

4.5 étoiles sur 5 2 commentaires client

Voir les 2 formats et éditions Masquer les autres formats et éditions
Prix Amazon
Neuf à partir de Occasion à partir de
Format Kindle
"Veuillez réessayer"
Broché
"Veuillez réessayer"
EUR 40,00
EUR 28,49 EUR 39,34
Note: Cet article est éligible à la livraison en points de collecte. Détails
Récupérer votre colis où vous voulez quand vous voulez.
  • Choisissez parmi 17 000 points de collecte en France
  • Les membres du programme Amazon Premium bénéficient de livraison gratuites illimitées
Comment commander vers un point de collecte ?
  1. Trouvez votre point de collecte et ajoutez-le à votre carnet d’adresses
  2. Sélectionnez cette adresse lors de votre commande
Plus d’informations
click to open popover

Offres spéciales et liens associés


Produits fréquemment achetés ensemble

  • Metasploit - The Penetration Tester′s Guide
  • +
  • The Hacker Playbook 2: Practical Guide To Penetration Testing
  • +
  • Black Hat Python
Prix total: EUR 86,19
Acheter les articles sélectionnés ensemble

Descriptions du produit

"The best guide to the Metasploit Framework." --HD Moore, Founder of the Metasploit Project The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors. Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.Learn how to: * Find and exploit unmaintained, misconfigured, and unpatched systems * Perform reconnaissance and find valuable information about your target * Bypass anti-virus technologies and circumvent security controls * Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery * Use the Meterpreter shell to launch further attacks from inside the network * Harness standalone Metasploit utilities, third-party tools, and plug-ins * Learn how to write your own Meterpreter post exploitation modules and scripts You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.

Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.

  • Apple
  • Android
  • Windows Phone
  • Android

Pour obtenir l'appli gratuite, saisissez votre numéro de téléphone mobile.



Détails sur le produit


Quels sont les autres articles que les clients achètent après avoir regardé cet article?

Commentaires en ligne

4.5 étoiles sur 5
5 étoiles
1
4 étoiles
1
3 étoiles
0
2 étoiles
0
1 étoile
0
Voir les deux commentaires client
Partagez votre opinion avec les autres clients

Meilleurs commentaires des clients

Par Tinkerbell TOP 100 COMMENTATEURSMEMBRE DU CLUB DES TESTEURS le 29 août 2011
Format: Broché
Excellent livre, très complet. Montre bien toutes les bases et astuces de Meta. Rédigé en anglais, mais simple à suivre. Pas besoin d'acheter d'autre livre sur le sujet, il se suffit à lui-même.
Ouvre plein de possibilités !

Excellent book, very complete, no need to buy another book. Shows all the uses and details of Meta.
Remarque sur ce commentaire Une personne a trouvé cela utile. Avez-vous trouvé ce commentaire utile ? Oui Non Commentaire en cours d'envoi...
Merci pour votre commentaire.
Désolé, nous n'avons pas réussi à enregistrer votre vote. Veuillez réessayer
Signaler un abus
Format: Broché Achat vérifié
très bon bouquin très complet! un "must have" à mon sens.
metasploit est détaillé et on ne peut qu'en tirer un réel bénéfice!
Remarque sur ce commentaire Avez-vous trouvé ce commentaire utile ? Oui Non Commentaire en cours d'envoi...
Merci pour votre commentaire.
Désolé, nous n'avons pas réussi à enregistrer votre vote. Veuillez réessayer
Signaler un abus

Commentaires client les plus utiles sur Amazon.com (beta)

Amazon.com: 4.5 étoiles sur 5 120 commentaires
69 internautes sur 70 ont trouvé ce commentaire utile 
2.0 étoiles sur 5 Warning! Very Outdated... 15 avril 2016
Par Steve Abbitt - Publié sur Amazon.com
Format: Broché Achat vérifié
As of April 2016 (v4.11 of MetaSploit), this book is horribly outdated. I have gone through about a third of the book and half or less of the commands work in MetaSploit and require research online to find the current way to run them. This also applies to most of the non-MetaSploit tools that the author suggests. I'm giving it 2 stars for the theory and concepts that the author presents, but other than that you can find more up to date MetaSploit tutorials online for free.
3 internautes sur 3 ont trouvé ce commentaire utile 
3.0 étoiles sur 5 Software Problems when setting up windows virtual lab (SQL 2005 Express) 7 février 2015
Par Mr.Bill - Publié sur Amazon.com
Format: Broché Achat vérifié
I bought this book due to all of the great reviews this book has received but this books software is a little outdated now. By software I mean microsofts windows products. I'm currently at a point where I have to install SQL 2005 express which I did onto my virtual machine but there is no option of 'sql server manager'. I tried and search but no look. So you are going to run into problems in the beginning.

If anyone could help me with links it would be much appreciative. I currently had to download all of the programs onto my host machine then upload it to a cloud server and then from there download it onto my virtual machine. Such a pain-staking process because using firefox and internet explorer on it wouldn't let me download it.
2 internautes sur 2 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 Great reference and higher level framework book! 10 juillet 2014
Par ThaReaper2b - Publié sur Amazon.com
Format: Broché Achat vérifié
This is a great reference book, however it is a book and by the time it is printed, it is obsolete. The exploits in this book are not all going to work, however it is a great starting point for the references.
The real value is understanding the framework and helping you develop your own exploits and tools to use within the Metasploit framework!
I give it only four stars as I think it could have been a bit more comprehensive with stronger use case scenarios and examples. A higher level of understanding of the customization options would have made it a five star book.
All in all, if you are a developer, pen-tester, or just plain hobbyist, this is a great book for reference and understanding of the framework. It isn't a beginners book. If you have no understanding of the framework or Metasploit, you may want to read the Basic Security Testing with Kali Linux or The Basics of Hacking and Penetration Testing Second Edition.
5.0 étoiles sur 5 Tremendous 15 février 2013
Par Ryan and Ashley - Publié sur Amazon.com
Format: Format Kindle Achat vérifié
This book is an absolute essential to any pentesters arsenal. Going in the book, I already have a fairly deep understanding of Metasploit. To clarify, "deep" is defined as knowing how to use it, move around in it (the framework), in meterpreter, and the a few of the modules. I had absolutely no idea how much more there was to it than that.

I have been completely blown away by the depth of knowledge poured into this book. They methodically take you through just about every phase of a penetration test, from recon to post-exploitation. Along with real-world examples, they also provide you with theoretical knowledge of the different levels as well.

I came into this book thinking it would teach me a couple new tricks in Metasploit and it delivered on that and so much more.
21 internautes sur 23 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 A worth reading book for introducing the framework to beginers. 28 janvier 2012
Par Roberto Medina - Publié sur Amazon.com
Format: Broché Achat vérifié
The book covers the basics of using Metasploit with other related tools (SET and Fast-Track). If the reader is expecting to become a penetration tester expert by reading this book then I will say that the expectations are wrong. The author has managed to put in a single book the methodology used for penetration testing, named as PTES (Penetration Testing Execution Standard) and described as the redefined methodology for penetration testing and a general overview of the Metasploit framework, how it works, how is composed and how you can leverage the power of using this framework to make adaptations in different situations or scenarios. Also the author has recalled the fact that every situation is different and the penetration tester should deal with obstacles that he may find in the way to exploit a system.

The author begins the book by describing the PTES methodology and also referring the user to the penetration standard organization website in order to get more information (for people that are new in penetration testing). Then the author moves on with the metasploit basics, explaining the terminology and how the framework is composed. It also makes a brief explanation about Metasploit Express and Metasploit Pro. In the Chapter 2 the book deals with an important step (information gathering), if not the most important, when conducting a penetration test. People tend to overlook this step because sometimes it will not have the "expected" fun necessary but users should understand that the success of exploiting a system is the time spent on gathering information of the target. The information gathering process, in this book, covers the identification of the target and the discovery of different applications or possible attack vectors. In the very beginning of the book, in chapter 2, the author explain briefly how to import databases from other tools such as vulnerability scanners in order to conduct exploits with some kind of automation. Some people will remember the autopwn option in Metasploit, this option is not longer available anymore in the framework (the framework changes everytime). I really don't know the reason why. But, as to import hosts and related information from Nessus, Nexpose, nmap will be very helpful for the penetration tester.

The complexity will be a little bit higher with every new chapter. I think that more than explaining every single module, structure and syntax of commands of the framework the author has focused on how it works and set us the basics in order to get more experience in the tool by discovering what can we do with it, how we can add our features or modules and how we can use the framework with other tools such as SET and Fast-Track. I found useful the way the user explain how to create our own auxiliary, exploit modules within the framework using Ruby as the programming language(you will need some basics in programming in order to get the most of these chapters). The use of the mixins, the structure of the coding is something you will have to pay attention if you want to develop your own modules and tools within Metasploit. In chapter 8 the author begins with the interesting part. He explains the client-side attacks and introduces us to terms such as the heap and the other chapters will deal a little bit more with the stack. The reader must have some understanding of how you can perform a buffer overflow, how you can insert your code after exploiting a given application and how to introduce some stealth in your code in order to get around of the IPS, IDS and AV solutions. The author also explains the use of encoders in order to bypass security solutions. By the way, I have to mention that the meterpreter payload is detectable in a lot of security solutions so that's why the author encourages the reader to be more creative at the moment of target exploitation.

In conclusion, the book is a good one for beginners and to understand what the Metasploit framework is and how you can use it. Most of the material can be found in the project website but not at the same detail level as the book. The book will show you the basics of the framework, don't expect to become an expert after this. The basis will help you to understand how to leverage the functionality of the tool and how to create your own code, workaround some difficulties in the process and most of all encourage people to contribute to the tool. There are some things that the author assumes that the reader should know and therefore some chapters can become some confusing. But, take the references and give you the opportunity to practice with the tool and surely in the future you will manage to port exploits from other sources and develop your own code.
Ces commentaires ont-ils été utiles ? Dites-le-nous

Rechercher des articles similaires par rubrique