Metasploit Unleashed

• Donate
• 01 Introduction

  Introduction

  • Metasploit Architecture
    • Filesystem And Libraries
    • Modules And Locations
    • Metasploit Object Model
    • Mixins And Plugins
• 02 Requirements

  Required Materials

  • Metasploitable
• 03Metasploit Fundamentals

  Metasploit Fundamentals

  • Msfcli
  • Msfconsole
    • Msfconsole Commands
  • Exploits
    • Using Exploits
  • Payloads
    • Payload Types
    • Generating Payloads
  • Databases
    • Using the Database
  • About Meterpreter
    • Meterpreter Basics
• 04 Information Gathering

  Information Gathering

  • Port Scanning
  • Hunting For MSSQL
  • Service Identification
  • Password Sniffing
    • Extending Psnuffle
  • SNMP Sweeping
  • Writing Your Own Scanner
• 05 Vulnerability Scanning

  Vulnerability Scanning

  • SMB Login Check
  • VNC Authentication
  • WMAP Web Scanner
  • Working With NeXpose
    • NeXpose Via Msfconsole
  • Working With Nessus
    • Nessus Via Msfconsole
• 06 Writing A Simple Fuzzer

  Writing a Simple Fuzzer

  • Simple TFTP Fuzzer
  • Simple IMAP Fuzzer
• 07 Exploit Development

  Exploit Development

  • Exploit Design Goals
  • Exploit Format
  • Exploit Mixins
  • Exploit Targets
  • Exploit Payloads
    • Msfvenom
    • Msfpayload
    • Msfencode
    • Alphanumeric Shellcode
    • Msfrop
  • Writing An Exploit
    • Getting A Shell
  • Using The Egghunter Mixin
    • Completing The Exploit
  • Porting Exploits
• 08 Web App Exploit Dev

  Client-side Exploits

  • Installing dotDefender
  • Analyzing the Exploit
  • Skeleton Creation
  • Making A Log Entry
  • Hosting the Javascript
  • Final Exploit
• 09 Client Side Attacks

  Client Side Attacks

  • Binary Payloads
  • Binary Linux Trojan
  • Client Side Exploits
  • VBScript Infection Methods
• 10 MSF Post Exploitation

  MSF Post Exploitation

  • Privilege Escalation
  • PSExec Pass the Hash
  • Event Log Management
  • Fun with Incognito
  • Interacting with the Registry
    • Persistent Netcat Backdoor
  • Enabling Remote Desktop
  • Packet Sniffing
  • Pivoting
  • Portfwd
  • TimeStomp
  • Screen Capture
  • Searching For Content
  • John The Ripper
• 11 Meterpreter Scripting

  Meterpreter Scripting

  • Existing Scripts
  • Writing Meterpreter Scripts
  • Custom Scripting
  • Useful API Calls
  • Useful Functions
• 12 Maintaining Access

  Maintaining Access

  • Keylogging
  • Meterpreter Backdoor
  • Persistent Backdoors
  • Netcat Backdoor
  • Meterpreter Service
• 13 MSF Extended Usage

  MSF Extended Usage

  • PHP Meterpreter
  • Backdooring EXE Files
  • Karmetasploit
    • Configuration
    • Karmetasploit in Action
    • Attack Analysis
  • MSF vs OS X
  • File-Upload Backdoors
  • Building A Module
    • Payloads Through MSSQL
    • Creating Our Auxiliary Module
    • The Guts Behind It
• 14 Metasploit GUIs

  Metasploit GUIs

  • MSF Community Edition
    • Scanning
    • Exploitation
    • Post Exploitation
  • Armitage
    • Armitage Setup
    • Armitage Scanning
    • Armitage Exploitation
    • Armitage Post Exploitation
• About The Authors

  About the Authors

  • Mati Aharoni
  • William Coppola
  • Paul Hand
  • Alain Hernandez
  • Devon Kearns
  • David Kennedy
  • Steven McElrea
  • Matteo Memelli
  • Max Moser
  • Jim O'Gorman
  • David Ovitz
  • Carlos Perez
• Post Module Reference

  Post Module Reference

  • Windows
    • Capture
    • Gather
    • Manage
  • Linux
    • Gather
  • OS X
    • Gather
  • Multiple OS
    • Gather
    • General
• Auxiliary Module Reference

  Auxiliary Module Reference

  • Admin
    • HTTP
    • MSSQL
    • MySQL
    • Postgres
    • VMWare
  • Scanner
    • DCERPC
    • Discovery
    • FTP
    • HTTP
    • IMAP
    • MSSQL
    • MySQL
    • NetBIOS
    • POP3
    • SMB
    • SMTP
    • SNMP
    • SSH
    • Telnet
    • TFTP
    • VMWare
    • VNC
  • Server
    • Capture