I have just finished the new Metasploit: The Penetration Tester’s Guide book and thought would share my thoughts on this. I am not really a big fan of reading books, I tend to play about and work things out myself but I had to order this book the second I see it as Metasploit is a beast of a tool set.
I would consider myself quite an advanced Metasploit user and know a lot of commands that are quite hard to find documented and use the product every day and in every single test in some form.
I have found in the past it is quite tricky to discover certain features in Metasploit and when you do suddenly stumble across a feature that has been there all along hiding, you look back and think wow I could have done this test way easier and cleaner. The thing with Metasploit is everyone associates it with just being a exploit tool, but it is way more than that. I use this for brute forcing SQL, FTP, SSH, SMB etc and the auxiliary modules are so powerful.
Obviously there is the well known Metasploit Unleashed guides online which are great, but this book is a must have.
The first few chapters I thought I know this and hope gets more technical, but it really does go into detail and steps up into advanced stuff and will be a great read for any pen tester just starting out or even advanced users.
I have picked up quite a few new tips and is has cleared up a couple of things I never 100% understood and picked up a few easier ways to achieve the same results, so its a big thumbs up from me. It was worth every penny to learn the bits I did and to add clarity to other areas.
Metasploit is a tricky product to put into a book as by the time you have written a chapter there are new features. It mentions about the new POST modules but doesn’t fully cover them as at the time of writing these hadn’t been rolled out. For those who haven’t noticed post exploitation modules now make life a bit easier as once you have a session you can just point a post exploitation module to the session i.e collect the ms cache creds, or VNC passwords, add routes etc. To do this just type SHOW POST to view the modules.
Pick yourself up a copy from Amazon