Quick Start Guide to Penetration Testing: With NMAP, OpenVAS and Metasploit
- Sagar Rahalkar
Get started with NMAP, OpenVAS, and Metasploit in this short book and understand how NMAP, OpenVAS, and Metasploit can be integrated with each other for greater flexibility and efficiency. You will begin by working with NMAP and ZENMAP and learning the basic scanning and enumeration process. After getting to know the differences between TCP and UDP scans, you will learn to fine tune your scans and efficiently use NMAP scripts. This will be followed by an introduction to OpenVAS vulnerability management system. You will then learn to configure OpenVAS and scan for and report vulnerabilities.
The next chapter takes you on a detailed tour of Metasploit and its basic commands and configuration. You will then invoke NMAP and OpenVAS scans from Metasploit. Lastly, you will take a look at scanning services with Metasploit and get to know more about Meterpreter, an advanced, dynamically extensible payload that is extended over the network at runtime.
The final part of the book concludes by pentesting a system in a real-world scenario, where you will apply the skills you have learnt.
What You Will Learn
- Carry out basic scanning with NMAP
- Invoke NMAP from Python
- Use vulnerability scanning and reporting with OpenVAS
- Master common commands in Metasploit
Who This Book Is For
Readers new to penetration testing who would like to get a quick start on it.
About the Author
Sagar Rahalkar is a seasoned information security professional having more than 11 years of comprehensive experience in various verticals of information security. His domain expertise is mainly in cyber crime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, and IT GRC. He holds a master’s degree in computer science and several industry recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM certified Specialist- Rational AppScan, Certified Information Security Manager (CISM), and PRINCE2 to name a few. He has been closely associated with Indian law enforcement agencies for over four years, dealing with digital crime investigations and related training for officers and has received several awards and appreciations from senior officials from police and defense organizations in India. He has written several books and articles on information security.
In this Book
Introduction to NMAP