Preface
Penetration testing is one of the core aspects of network security today. It involves a complete analysis of a system by running real-life security tests against it. It helps in identifying potential weaknesses in the system's major components, whether in its hardware or its software. What makes penetration testing such an important aspect of security is that it identifies threats and weaknesses from an attacker's perspective. Loopholes can be exploited in real time to measure the impact of a vulnerability, and a suitable remedy or patch can then be worked out to protect the system from outside attack and reduce the risk.
The biggest factor that determines the feasibility of penetration testing is the knowledge available about the target system. Black box penetration testing is performed when there is no prior knowledge of the target. The pen-tester has to start from scratch, collecting every bit of information about the target system before an attack can be attempted. In white box testing, complete knowledge of the target is available, and the tester has to identify any known or unknown weakness that may exist. Both methods are equally difficult and are environment specific. Industry professionals have identified some key steps that are essential in almost all forms of penetration testing. These are:
- Target discovery and enumeration: Identifying the target and collecting basic information about it without making any physical connection with it
- Vulnerability identification: Applying discovery methods such as scanning, remote login, and probing network services to figure out which services and software are running on the target system
- Exploitation: Exploiting a known or an unknown vulnerability in any of the software or services running on the target system
- Level of control after exploitation: The level of access an attacker gains on the target system after a successful exploitation
- Reporting: Preparing an advisory about the vulnerability and its possible countermeasures
These steps may appear few in number, but a complete penetration test of a high-end system with many services running on it can take days or even months to complete. What makes penetration testing such a lengthy task is that it is based on trial and error. Exploits and vulnerabilities depend heavily on the system configuration, so we can never be certain whether a particular exploit will succeed until we try it. Consider the example of exploiting a Windows-based system that is running 10 different services. A pen-tester has to find out whether any known vulnerabilities exist for each of those 10 services. Once they are identified, the process of exploitation starts. This is a small example in which we are considering only one system. What if we have an entire network of such systems to penetrate one by one?
This is where a penetration testing framework comes into action. Such frameworks automate several stages of testing, such as scanning the network, identifying vulnerabilities based on the available services and their versions, auto-exploitation, and so on. They speed up the pen-testing process by providing a single control panel from which the tester can manage all activities and monitor the target systems effectively. The other important benefit of a penetration testing framework is report generation. It automates the process of saving the penetration testing results and generates reports that can be kept for later use or shared with peers working remotely.
Metasploit Penetration Testing Cookbook aims at helping readers master one of the most widely used penetration testing frameworks of today. The Metasploit framework is an open source platform that helps in creating real-life exploitation scenarios, along with the other core functionalities of penetration testing. This book will take you on an exciting journey through the world of Metasploit and show how it can be used to perform effective pen-tests. It also covers some other extension tools that run on top of the framework and enhance its functionality to provide a better pen-testing experience.