170 points by cojant 2 months ago
I wish someone would release a good book on Metasploit. Every book and tutorial I've found has been either helpful but too short, out of date, or used an example which you couldn't follow along with (either because they used a feature in the paid for product or because they attacked a vulnerability in an old version of an application that you can't get anymore instead of using a vulnerability already in metasploitable n). In fact, if you want me to buy anything Metasploit related you should probably start by writing that book. Please, write that book, lol. I have no idea how to use your product.
No Starch Press prints a solid and deep Metasploit guide: https://nostarch.com/metasploit
As with lots of technology books, it's a little out of date but you can certainly get a handle on how to use Metasploit with it.
Amazon has a few books available, the most popular called "Metasploit: The Penetration Tester's Guide" but is a little outdated (2011) and "Advanced Penetration Testing: Hacking the World's Most Secure Networks" which mentions metasploit for its teachings and its more recent (2017)
Pretty sure that a 2011 metasploit book will be almost completely useless.
Seconded. I'm in a similar situation where I'm keen to try but can't get "into" it.
Looking now, there's an introduction to metasploit course on pluralsight. I've never tried it, but I may well try that and I'll report back on that.
why not search stackexchange for some examples
Crazy to think that it has been 15 years since I first booted up Metasploit. I can recall the screen glaring back at me -- with EFnet in the background -- in my dimly lit room like it was yesterday.
Man, those were the golden days no doubt. :)
Golden days of what exactly? Nostalgia?
Golden days of the pure hacker culture, I guess. The "underground" scenes (warez, vx, demo). Now it's all business.
A matter of perspective. The phreakers would disagree, the age of MSIE is a dark age IMO, having services enabled by default whilst connected to WAN was ridiculous, and here the laws got more and more repressive throughout the years.
If you played computer games in 90s or used a computer in general you were deemed a geek or nerd. Nowadays everyone and their mother has a smartphone plus internet connectivity at home. Meanwhile, technology gets more dystopian but that also provides moral opportunities...
I'd say the golden days were a decade or so earlier, but no doubt different scenes peaked at different times. The release of Second Reality in 93 was the high water mark for me.
I was never really into demos, so thank you, it looks very interesting, and the source code is released too . Will try to fill the gaps, even if just a little bit.
My high water mark was '96 when Aleph One released his stack smashing article in Phrack. So yeah, more than two decades, not 15 years.
It was absolutely all business 15 years ago.
You're not wrong. I definitely have strong nostalgia feelings towards that time in my life. But I also know that the scene was much more relaxed, enthused, and fun in those days. Maybe some of it has carried over to now, but I highly doubt it.