Read more
Mastering Nexpose and Metasploit: A Lab-Based Approach to Mastery provides tactics on how to perform penetration tests and vulnerability management using the power of Nexpose and Metasploit together, leveraging their strengths to provide readers with the most complete arsenal of hacking and pen testing tools. The book will help users meet their information security and compliance needs.
Metasploit has rapidly become a go-to tool for hackers, pen testers, and InfoSec professionals, and Metasploit's integration with Nexpose has introduced new synergies that enable both products to be used more effectively together than on their own. When used together, Nexpose and Metasploit will help identify any weaknesses in systems or networks.
The author demonstrates how to get the most out of Nexpose and Metasploit, teaching how to install, update, and configure the software, then moving on to advanced techniques. Users will create the lab environment using configured lab machines and links to trial software that complete the lab experience.
Illustrates how to leverage Nexpose and Metasploit to perform penetration tests and vulnerability management
Features a lab-based approach, with an online lab disk available for download
Details the integration of the Rapid7 software, with exercises that reinforce the topics covered
Introduces new synergies that enable Metasploit and Nexpose to be used more effectively in combination than separately
List of contents
Introduction
Penetration Testing Life Cycle
Introduction to Nexpose
Windows Installation
Linux Installation
Updating and Maintaining Nexpose
Deployment Strategy
Automated Workflow
Asset Discovery
Virtualized System Assessment
Vulnerability Validation
Risk Prioritization
Nexpose Output and Reporting
Introduction to Metasploit
Installing Metasploit
User Interface
Updating and Maintaining Metasploit
Deployment Strategy
Importing Nexpose Results
Network Discovery
Password Auditing
Exploitation
Metamodules
Data Management and Reporting
Advanced Techniques
Lab Resources
Rules of Engagement
Penetration Test Reporting
Presenting Results
About the author
James Broad (CISSP, C|EH, CPTS, Security, MBA) is the President and owner of Cyber-Recon, LLC, where he and his team of consultants specialize in Information Security, Information Assurance, Certification and Accreditation and offer other security consultancy services to corporate and government clients. As a security professional with over 20 years of real-world IT experience, James is an expert in many areas of IT security, specializing in security engineering, penetration testing, vulnerability analysis and research. He has provided security services in the nation's most critical sectors including defense, law enforcement, intelligence, finance and healthcare.
