Penetration testing has become a necessity for almost every business today. With the rise of cyber and computer-based crime in the past few years, penetration testing has become one of the core aspects of network security and helps keep a business secure from internal as well as external threats. What makes penetration testing a necessity is that it uncovers the potential flaws in a network, a system, or an application, and it identifies weaknesses and threats from an attacker's perspective. The potential flaws in a system are exploited to find out the impact they could have on an organization and the risk they pose to its assets. However, the success of a penetration test depends primarily on the knowledge of the target under test. Therefore, a penetration test is approached using two different methods: black box testing and white box testing. Black box testing refers to testing where there is no prior knowledge of the target under test, so the penetration tester kicks off testing by collecting information about the target systematically. In a white box penetration test, by contrast, the penetration tester already has sufficient knowledge about the target under test and starts off by identifying its known and unknown weaknesses. A penetration test is divided into seven different phases, which are as follows:
- Pre-engagement interactions: This step defines all the pre-engagement activities and scope definitions, basically everything you need to discuss with the client before the testing starts.
- Intelligence gathering: This phase is all about collecting information about the target under test, either actively, by connecting to the target directly, or passively, without connecting to the target at all.
- Threat modeling: This phase involves matching the information uncovered to the assets to find the areas with the highest threat level.
- Vulnerability analysis: This involves finding and identifying known and unknown vulnerabilities and validating them.
- Exploitation: This phase works on taking advantage of the vulnerabilities discovered in the previous phase. This typically means that we are trying to gain access to the target.
- Post-exploitation: The actual tasks to perform on the target, such as downloading a file, shutting a system down, or creating a new user account on the target, are part of this phase. This phase describes what you need to do after exploitation.
- Reporting: This phase includes summing up the results of the test in a report, along with suggestions and recommendations for fixing the weaknesses found in the target.
The seven phases just mentioned may look manageable when there is a single target under test. However, the situation changes completely when a vast network containing hundreds of systems is to be tested. In a situation like this, manual work is replaced with an automated approach. Consider a scenario where the number of systems under test is exactly 100, and all are running the same operating system and services. Testing each and every system manually will consume a great deal of time and energy. Situations like these demand the use of a penetration testing framework. A penetration testing framework will not only save time but will also offer much more flexibility in changing the attack vectors and covering a much wider range of targets under test. It eliminates additional time consumption and helps automate most of the work: the attack vectors, the scanning processes, the identification of vulnerabilities and, most importantly, the exploitation of those vulnerabilities, thus saving time and speeding up a penetration test. This is where Metasploit kicks in.
Metasploit is considered one of the best and most widely used penetration testing frameworks. With a strong reputation in the IT security community, Metasploit not only meets the needs of an excellent penetration testing framework but also delivers innovative features that make the life of a penetration tester easier.
Metasploit Bootcamp aims to provide readers with insights into the most popular penetration testing framework, Metasploit. This book specifically focuses on conducting a penetration test with Metasploit while uncovering the many great features Metasploit offers over traditional penetration testing. The book covers in-depth scanning techniques, exploitation of various real-world software, post-exploitation, testing of services such as SCADA, VoIP, MSSQL, and MySQL, Android exploitation, AV evasion techniques, and much more, in a boot camp-style approach. You will also find yourself scratching your head while completing the self-driven exercises, which are meant to be challenging.