Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Checkout

Change country

Modal Close icon
Country selected Country selected
country flag Germany
Country selected
country flag Slovakia
Country selected
country flag Canada
Country selected
country flag Brazil
Country selected
country flag Singapore
Country selected
country flag Hungary
Country selected
country flag Philippines
Country selected
country flag Mexico
Country selected
country flag Thailand
Country selected
country flag Ukraine
Country selected
country flag Luxembourg
Country selected
country flag Estonia
Country selected
country flag Lithuania
Country selected
country flag Norway
Country selected
country flag Chile
Country selected
country flag United States
Country selected
country flag Great Britain
Country selected
country flag India
Country selected
country flag Spain
Country selected
country flag South Korea
Country selected
country flag Ecuador
Country selected
country flag Colombia
Country selected
country flag Taiwan
Country selected
country flag Switzerland
Country selected
country flag Indonesia
Country selected
country flag Cyprus
Country selected
country flag Denmark
Country selected
country flag Finland
Country selected
country flag Poland
Country selected
country flag Malta
Country selected
country flag Czechia
Country selected
country flag New Zealand
Country selected
country flag Austria
Country selected
country flag Turkey
Country selected
country flag France
Country selected
country flag Sweden
Country selected
country flag Italy
Country selected
country flag Egypt
Country selected
country flag Belgium
Country selected
country flag Portugal
Country selected
country flag Slovenia
Country selected
country flag Ireland
Country selected
country flag Romania
Country selected
country flag Greece
Country selected
country flag Argentina
Country selected
country flag Malaysia
Country selected
country flag South Africa
Country selected
country flag Netherlands
Country selected
country flag Bulgaria
Country selected
country flag Latvia
Country selected
country flag Australia
Country selected
country flag Japan
Country selected
country flag Russia
Country selected
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Home > Security > Penetration Testing > Hands-On Web Penetration Testing with Metasploit
Hands-On Web Penetration Testing with Metasploit
Hands-On Web Penetration Testing with Metasploit

Hands-On Web Penetration Testing with Metasploit: The subtle art of using Metasploit 5.0 for web application exploitation

Arrow left icon
Profile Icon Harpreet Singh Profile Icon Himanshu Sharma
Arrow right icon
€18.99 per month
Full star icon Full star icon Full star icon Full star icon Empty star icon 4 (2 Ratings)
Paperback May 2020 544 pages 1st Edition
eBook
€19.99 €28.99
Paperback
€37.99
Subscription
Free Trial
Renews at €18.99p/m
Arrow left icon
Profile Icon Harpreet Singh Profile Icon Himanshu Sharma
Arrow right icon
€18.99 per month
Full star icon Full star icon Full star icon Full star icon Empty star icon 4 (2 Ratings)
Paperback May 2020 544 pages 1st Edition
eBook
€19.99 €28.99
Paperback
€37.99
Subscription
Free Trial
Renews at €18.99p/m
eBook
€19.99 €28.99
Paperback
€37.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing
Table of content icon View table of contents Preview book icon Preview Book

Hands-On Web Penetration Testing with Metasploit

Introduction to Web Application Penetration Testing

In today's world, there are automated tools and SaaS solutions that can test the security of a system or application. Automation often fails at a logical level when an application needs to be tested for business-logic flaws. It is important to learn how the penetration tester can help organizations stay a step ahead of cyber attacks and why the organization needs to follow a strict patch-management cycle to secure their assets.

In this book, you will learn how to perform a penetration test on web applications that are built on different platforms using the famous Metasploit framework. As most of us have heard about this tool and its importance in regular penetration tests, this book will be focused on how we can perform penetration testing on a variety of web applications, such as content management systems (CMSes) and content...

What is a penetration test?

Penetration testing, also known as pen testing, is an authorized attack on a computer system that is done to evaluate the security of the system/network. The test is performed to identify vulnerabilities and the risks they pose. A typical penetration test is a five-stage process that identifies the target systems, their vulnerabilities, and the exploitability of each vulnerability. The goal is to find as many vulnerabilities as possible and report back in a universally acceptable format for the client to understand. Let's look at the different types of penetration testing in the next section.

Types of penetration test

Depending upon the client's requirement, penetration tests can be categorized into three types:

  • White box
  • Black box
  • Gray box

We will discuss each of these in the following sections.

White box penetration test

A white box penetration test, or a glass box or clear box penetration test, is a type of test in which the information and details regarding the target system, network, or application are fully shared by the client, such as the login credentials of the systems, the SSH/Telnet login for the network devices, and the application source code that needs to be tested. Since the information retrieved from the client regarding their system, network, or application is highly sensitive, it is recommended...

Stages of penetration testing

To have a better understanding of penetration testing, let's go through the stages of the process:

  • Stage 1: Reconnaissance
  • Stage 2: Enumeration
  • Stage 3: Vulnerability assessment and analysis
  • Stage 4: Exploitation (includes the post-exploitation period)
  • Stage 5: Reporting

This can be seen in the following diagram:

Each and every stage has its own set of tools and techniques that can be used to perform the testing efficiently.

Reconnaissance and information gathering

Reconnaissance is the very first stage of performing a penetration test. In this stage, a pen tester will try to identify the system or application in question and find as much information as they can about it. This is the...

Important terminologies

Now that we are familiar with the standards, let's now cover the important terminology that we will be using a lot in the upcoming chapters:

  • Vulnerability: A weakness in a system that may allow an attacker to gain unauthorized access to it.
  • Spoofing: A situation where an individual or program successfully masks data as something else in order to obtain an unlawful advantage.
  • Exploit: A piece of code, a program, a method, or a sequence of commands that takes advantage of a vulnerability to gain unauthorized access to a system/application.
  • Payload: The actual code that is executed on the system after/during exploitation to perform the desired task.
  • Risk: Anything that can affect the confidentiality, integrity, and availability of data. Unpatched software, misconfigured servers, unsafe internet surfing habits, and so on all contribute to risk.
  • Threat...

Penetration testing methodologies

As we all know, there are no official penetration testing standards defined; however, our security community has introduced a few standards for all security personnel to follow. Some of the commonly known standards are the Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), and the Information Systems Security Assessment Framework (ISSAF). Most of them follow the same methodology, but their phases have been named differently. We will take a look at each of them in the following sections and cover PTES in detail.

Open Source Security Testing Methodology Manual (OSSTMM)

The definition of the OSSTMM is mentioned on their official website...

Common Weakness Enumeration (CWE)

In this section, we will talk about the Common Weakness Enumeration (CWE). The CWE is a universal online dictionary of weaknesses that have been found in computer software. In this section, we will cover two well-known CWEs—the OWASP Top 10 and the SANS Top 25.

OWASP Top 10

Open Web Application Security Project (OWASP) is an organization that provides computer and internet applications with impartial, realistic, and cost-effective information.

The current list for 2020 contains the following bugs:

  • Injection
  • Broken authentication
  • Sensitive data exposure
  • XML external entities (XXE)
  • Broken access control
  • Security misconfigurations
  • Cross-site scripting (XSS)
  • Insecure deserialization
    • ...

Summary

In this chapter, we started with the introduction to penetration testing and its types and stages. We covered the pen testing methodologies and life cycle and we looked at some important terminology. Then, we looked at the OWASP Top 10 and SANS Top 25.

In the next chapter, we will learn about the essentials of Metasploit including the Metasploit framework, installation, and setup.

Questions

  1. Is there a database that maintains the Common Weakness Enumeration (CWE) list?

  2. Where can I find the OWASP Top 10 and SANS Top 25 lists?

  3. Are the tools required to perform a penetration test free?

  4. How do the OSSTMM- and PTES-based penetration tests differ?

Further reading

Left arrow icon

Page 1 of 10

Right arrow icon
Download code icon Download Code

Key benefits

  • Get up to speed with Metasploit and discover how to use it for pentesting
  • Understand how to exploit and protect your web environment effectively
  • Learn how an exploit works and what causes vulnerabilities

Description

Metasploit has been a crucial security tool for many years. However, there are only a few modules that Metasploit has made available to the public for pentesting web applications. In this book, you'll explore another aspect of the framework – web applications – which is not commonly used. You'll also discover how Metasploit, when used with its inbuilt GUI, simplifies web application penetration testing. The book starts by focusing on the Metasploit setup, along with covering the life cycle of the penetration testing process. Then, you will explore Metasploit terminology and the web GUI, which is available in the Metasploit Community Edition. Next, the book will take you through pentesting popular content management systems such as Drupal, WordPress, and Joomla, which will also include studying the latest CVEs and understanding the root cause of vulnerability in detail. Later, you'll gain insights into the vulnerability assessment and exploitation of technological platforms such as JBoss, Jenkins, and Tomcat. Finally, you'll learn how to fuzz web applications to find logical security vulnerabilities using third-party tools. By the end of this book, you'll have a solid understanding of how to exploit and validate vulnerabilities by working with various tools and techniques.

Who is this book for?

This book is for web security analysts, bug bounty hunters, security professionals, or any stakeholder in the security sector who wants to delve into web application security testing. Professionals who are not experts with command line tools or Kali Linux and prefer Metasploit’s graphical user interface (GUI) will also find this book useful. No experience with Metasploit is required, but basic knowledge of Linux and web application pentesting will be helpful.

What you will learn

  • Get up to speed with setting up and installing the Metasploit framework
  • Gain first-hand experience of the Metasploit web interface
  • Use Metasploit for web-application reconnaissance
  • Understand how to pentest various content management systems
  • Pentest platforms such as JBoss, Tomcat, and Jenkins
  • Become well-versed with fuzzing web applications
  • Write and automate penetration testing reports

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : May 22, 2020
Length: 544 pages
Edition : 1st
Language : English
ISBN-13 : 9781789953527
Vendor :
Rapid7
Category :
Security
Languages :
Python
Concepts :
Penetration Testing
Tools :
Metasploit

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Product Details

Publication date : May 22, 2020
Length: 544 pages
Edition : 1st
Language : English
ISBN-13 : 9781789953527
Vendor :
Rapid7
Category :
Security
Languages :
Python
Concepts :
Penetration Testing
Tools :
Metasploit

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
START FREE TRIAL
BUY NOW
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
START FREE TRIAL
BUY NOW
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
START FREE TRIAL
BUY NOW

Frequently bought together

Hands-On Web Penetration Testing with Metasploit
Hands-On Web Penetration Testing with Metasploit
Read more
May 2020 544 pages
Full star icon 4 (2)
eBook
eBook
  • eBook eBook €19.99
  • Paperback Paperback €37.99
€19.99 €28.99
€37.99
Mastering Metasploit
Mastering Metasploit
Read more
Jun 2020 502 pages
Full star icon 3.5 (4)
eBook
eBook
  • eBook eBook €20.98
  • Paperback Paperback €36.99
€20.98 €29.99
€36.99
Cybersecurity Attacks – Red Team Strategies
Cybersecurity Attacks – Red Team Strategies
Read more
Mar 2020 524 pages
Full star icon 4.8 (9)
eBook
eBook
  • eBook eBook €17.99
  • Paperback Paperback €32.99
€17.99 €26.99
€32.99
Stars icon
Total 107.97
Hands-On Web Penetration Testing with Metasploit
€37.99
Mastering Metasploit
€36.99
Cybersecurity Attacks – Red Team Strategies
€32.99
Total 107.97 Stars icon
Banner background image

Table of Contents

22 Chapters
Introduction Chevron down icon Chevron up icon
Introduction
Introduction to Web Application Penetration Testing Chevron down icon Chevron up icon
Introduction to Web Application Penetration Testing
What is a penetration test?
Types of penetration test
Stages of penetration testing
Important terminologies
Penetration testing methodologies
Common Weakness Enumeration (CWE)
Summary
Questions
Further reading
Metasploit Essentials Chevron down icon Chevron up icon
Metasploit Essentials
Technical requirements
Introduction to Metasploit Framework
Metasploit Framework terminology
Installing and setting up Metasploit
Getting started with Metasploit Framework
Summary
Questions
Further reading
The Metasploit Web Interface Chevron down icon Chevron up icon
The Metasploit Web Interface
Technical requirements
Introduction to the Metasploit web interface
Installing and setting up the web interface
Getting started with the Metasploit web interface
Summary
Questions
Further reading
The Pentesting Life Cycle with Metasploit Chevron down icon Chevron up icon
The Pentesting Life Cycle with Metasploit
Using Metasploit for Reconnaissance Chevron down icon Chevron up icon
Using Metasploit for Reconnaissance
Technical requirements
Introduction to reconnaissance
Active reconnaissance
Passive reconnaissance
Summary
Questions
Further reading
Web Application Enumeration Using Metasploit Chevron down icon Chevron up icon
Web Application Enumeration Using Metasploit
Technical requirements
Introduction to enumeration
Enumerating files
Summary
Questions
Further reading
Vulnerability Scanning Using WMAP Chevron down icon Chevron up icon
Vulnerability Scanning Using WMAP
Technical requirements
Understanding WMAP
The WMAP scanning process
WMAP module execution order
Adding a module to WMAP
Clustered scanning using WMAP
Summary
Questions
Further reading
Vulnerability Assessment Using Metasploit (Nessus) Chevron down icon Chevron up icon
Vulnerability Assessment Using Metasploit (Nessus)
Technical requirements
Introduction to Nessus
Basic commands
Performing a Nessus scan via Metasploit
Summary
Questions
Further reading
Pentesting Content Management Systems (CMSes) Chevron down icon Chevron up icon
Pentesting Content Management Systems (CMSes)
Pentesting CMSes - WordPress Chevron down icon Chevron up icon
Pentesting CMSes - WordPress
Technical requirements
Introduction to WordPress
WordPress reconnaissance and enumeration
Vulnerability assessment for WordPress
WordPress exploitation part 1 – WordPress Arbitrary File Deletion
WordPress exploitation part 2 – unauthenticated SQL injection
WordPress exploitation part 3 – WordPress 5.0.0 Remote Code Execution
Going the extra mile – customizing the Metasploit exploit
Summary
Questions
Further reading
Pentesting CMSes - Joomla Chevron down icon Chevron up icon
Pentesting CMSes - Joomla
Technical requirements
An introduction to Joomla
The Joomla architecture
Reconnaissance and enumeration
Enumerating Joomla plugins and modules using Metasploit
Performing vulnerability scanning with Joomla
Joomla exploitation using Metasploit
Joomla shell upload
Summary
Questions
Further reading
Pentesting CMSes - Drupal Chevron down icon Chevron up icon
Pentesting CMSes - Drupal
Technical requirements
Introduction to Drupal and its architecture
Drupal reconnaissance and enumeration
Drupal vulnerability scanning using droopescan
Exploiting Drupal
Summary
Questions
Further reading
Performing Pentesting on Technological Platforms Chevron down icon Chevron up icon
Performing Pentesting on Technological Platforms
Penetration Testing on Technological Platforms - JBoss Chevron down icon Chevron up icon
Penetration Testing on Technological Platforms - JBoss
Technical requirements
An introduction to JBoss
Reconnaissance and enumeration
Performing a vulnerability assessment on JBoss AS
JBoss exploitation
Summary
Questions
Further reading
Penetration Testing on Technological Platforms - Apache Tomcat Chevron down icon Chevron up icon
Penetration Testing on Technological Platforms - Apache Tomcat
Technical requirements
An introduction to Tomcat
The Apache Tomcat architecture
Files and their directory structures
Detecting Tomcat installations
Version detection
Exploiting Tomcat
An introduction to Apache Struts
Summary
Questions
Further reading
Penetration Testing on Technological Platforms - Jenkins Chevron down icon Chevron up icon
Penetration Testing on Technological Platforms - Jenkins
Technical requirements
Introduction to Jenkins
Jenkins terminology
Jenkins reconnaissance and enumeration
Exploiting Jenkins
Summary
Questions
Further reading
Logical Bug Hunting Chevron down icon Chevron up icon
Logical Bug Hunting
Web Application Fuzzing - Logical Bug Hunting Chevron down icon Chevron up icon
Web Application Fuzzing - Logical Bug Hunting
Technical requirements
What is fuzzing?
Fuzzing terminology
Fuzzing attack types
Introduction to web app fuzzing
Identifying web application attack vectors
Summary
Questions
Further reading
Writing Penetration Testing Reports Chevron down icon Chevron up icon
Writing Penetration Testing Reports
Technical requirements
Introduction to report writing
Introduction to Dradis Framework
Working with Serpico
Summary
Questions
Further reading
Assessment Chevron down icon Chevron up icon
Assessment
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Chapter 12
Chapter 13
Chapter 14
Chapter 15
Other Books You May Enjoy Chevron down icon Chevron up icon
Other Books You May Enjoy
Leave a review - let other readers know what you think

Recommendations for you

Left arrow icon
Unveiling NIST Cybersecurity Framework 2.0
Unveiling NIST Cybersecurity Framework 2.0
Read more
Oct 2024 182 pages
eBook
eBook
  • eBook eBook €17.99
  • Paperback Paperback €33.99
€17.99 €26.99
€33.99
Mastering Linux Security and Hardening
Mastering Linux Security and Hardening
Read more
Feb 2023 618 pages
Full star icon 4.6 (34)
eBook
eBook
  • eBook eBook €20.98
  • Paperback Paperback €37.99
€20.98 €29.99
€37.99
Malware Development for Ethical Hackers
Malware Development for Ethical Hackers
Read more
Jun 2024 390 pages
Full star icon 4.3 (9)
eBook
eBook
  • eBook eBook €22.99
  • Paperback Paperback €28.99
€22.99 €32.99
€28.99 €41.99
The Ultimate Linux Shell Scripting Guide
The Ultimate Linux Shell Scripting Guide
Read more
Oct 2024 696 pages
Full star icon 5 (1)
eBook
eBook
  • eBook eBook €22.99
  • Paperback Paperback €41.99
€22.99 €32.99
€41.99
Microsoft 365 Administration Cookbook
Microsoft 365 Administration Cookbook
Read more
Nov 2024 516 pages
eBook
eBook
  • eBook eBook €17.99
  • Paperback Paperback €33.99
€17.99 €26.99
€33.99
Mastering Microsoft Intune
Mastering Microsoft Intune
Read more
Mar 2024 822 pages
Full star icon 4.6 (26)
eBook
eBook
  • eBook eBook €22.99
  • Paperback Paperback €30.99
€22.99 €32.99
€30.99 €41.99
The Ultimate Kali Linux Book
The Ultimate Kali Linux Book
Read more
Apr 2024 828 pages
Full star icon 4.8 (27)
eBook
eBook
  • eBook eBook €22.99
  • Paperback Paperback €28.99
€22.99 €32.99
€28.99 €41.99
CISA – Certified Information Systems Auditor Study Guide
CISA – Certified Information Systems Auditor Study Guide
Read more
Oct 2024 356 pages
eBook
eBook
  • eBook eBook €20.98
  • Paperback Paperback €37.99
€20.98 €29.99
€37.99
CompTIA Security+ SY0-701 Certification Guide
CompTIA Security+ SY0-701 Certification Guide
Read more
Jan 2024 634 pages
Full star icon 4.9 (226)
Paperback
Paperback
  • Paperback Paperback €33.99
€33.99
The Software Developer's Guide to Linux
The Software Developer's Guide to Linux
Read more
Jan 2024 300 pages
Full star icon 4.8 (24)
eBook
eBook
  • eBook eBook €15.99
  • Paperback Paperback €29.99
€15.99 €23.99
€29.99
Right arrow icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
(2 Ratings)
5 star 50%
4 star 0%
3 star 50%
2 star 0%
1 star 0%
Wisnu Dwi Hidayat Jun 10, 2020
Full star icon Full star icon Full star icon Full star icon Full star icon 5
If you are learning and want to know and deep to practice in web penetration, and everyone who interesting in web penetration, this book is very useful. It may upgrade your knowledge.
Amazon Verified review Amazon
Jeff Welch May 31, 2021
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
This book seems to have some great content and I was excited to use the capabilities of the GUI metasploit only to find out that the vendor no longer provides a free community edition. To use the "pro" version is only $15000 per year. Unfortunately, this makes a lot of the content in the book null and void for those of us just trying to learn.
Amazon Verified review Amazon

People who bought this also bought

Left arrow icon
Learn Computer Forensics – 2nd edition
Learn Computer Forensics – 2nd edition
Read more
Jul 2022 434 pages
Full star icon 4.8 (63)
eBook
eBook
  • eBook eBook €20.98
  • Paperback Paperback €27.99
  • Audiobook Audiobook €35.99
€20.98 €29.99
€27.99 €37.99
€35.99
Digital Forensics and Incident Response
Digital Forensics and Incident Response
Read more
Dec 2022 532 pages
Full star icon 4.9 (15)
eBook
eBook
  • eBook eBook €22.99
  • Paperback Paperback €41.99
  • Audiobook Audiobook €43.99
€22.99 €32.99
€41.99
€43.99
Mastering Windows Security and Hardening
Mastering Windows Security and Hardening
Read more
Aug 2022 816 pages
Full star icon 4.8 (20)
eBook
eBook
  • eBook eBook €22.99
  • Paperback Paperback €41.99
€22.99 €32.99
€41.99
Cybersecurity – Attack and Defense Strategies, 3rd edition
Cybersecurity – Attack and Defense Strategies, 3rd edition
Read more
Sep 2022 570 pages
Full star icon 4.9 (42)
eBook
eBook
  • eBook eBook €17.99
  • Paperback Paperback €31.99
€17.99 €25.99
€31.99
Mastering Linux Security and Hardening
Mastering Linux Security and Hardening
Read more
Feb 2023 618 pages
Full star icon 4.6 (34)
eBook
eBook
  • eBook eBook €20.98
  • Paperback Paperback €37.99
€20.98 €29.99
€37.99
Right arrow icon

About the authors

Left arrow icon
Profile icon Harpreet Singh
Harpreet Singh
Harpreet is a professional with 8+ years of experience in the field of Ethical Hacking, Penetration Testing, Vulnerability Research & Red Teaming. He is the author of "Hands-On: Web Penetration Testing with Metasploit" and "Hands-On: Red Team Tactics" published by Packt Publishing. He's also an OSCP, OSWP, CRTP certified professional. Over the years of his experience, Harpreet has acquired the Offensive & Defensive skill set. He is a professional who specializes in Wireless & network exploitation including but not limited to Mobile exploitation, Web Application exploitation and he has also performed few Red Team Engagements in Banks & Financial Groups.
Read more
See other products by Harpreet Singh
Profile icon Himanshu Sharma
Himanshu Sharma
Himanshu Sharma has been in the field of security since 2009 and has been listed in the halls of fame of Apple, Google, Microsoft, Facebook, and many more. He has helped celebrities such as Harbhajan Singh in recovering their hacked accounts. He has been a speaker at various conferences worldwide such as BotConf, CONFidence, Hack In the Box, SINCON, Sec-T, Hackcon, and numerous others. Currently, he is the co-founder of BugsBounty. He also authored multiple bestsellers titled "Kali Linux - An Ethical Hacker's Cookbook", " Hands-On Red Team Tactics" and "Hands-On Web Pentesting with Metasploit."
Read more
See other products by Himanshu Sharma
Right arrow icon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is included in a Packt subscription? Chevron down icon Chevron up icon

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription? Chevron down icon Chevron up icon

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits? Chevron down icon Chevron up icon

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled? Chevron down icon Chevron up icon

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title? Chevron down icon Chevron up icon

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team. 

Can I download the code files for Early Access titles? Chevron down icon Chevron up icon

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date? Chevron down icon Chevron up icon

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready? Chevron down icon Chevron up icon

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access? Chevron down icon Chevron up icon

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered? Chevron down icon Chevron up icon

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content? Chevron down icon Chevron up icon

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access? Chevron down icon Chevron up icon

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.