Media praise for Metasploit

Have a blog? Join our Reader Review Program

"A valuable resource for people who are interested in security but don't have the time or money to take a training class on Metasploit."
-- eldavojohn, Slashdot.org

"A book that should be on the shelf of any serious computer security professional. And if you're just starting to dabble in the world of network security, this is a great resource to start your journey."
-- Thomas Duff, Duffbert's Random Musings

"Detailed chapters on interfaces, the program's module system, and more make this a 'must have' reference."
-- James A. Cox, The Midwest Book Review: California Bookwatch, November 2011, Volume 6, Number 11

"You simply cannot go wrong with this book if you want to learn more about Metasploit, or even if you want to learn more about penetration testing. Hands down, my new favorite Metasploit book."
-- Sam Stover, ;login: The Usenix Magazine, August 2012

"As working closely with IT systems, this is the book I wish I have read a long time ago. Written by David Kennedy, Jim O'Gorman, Devon Kearns and Mati Aharoni, all working in Security and contributing to security tools, the book describes precisely how a modern professional attack against an IT infrastructure is happening with the Metasploit framework." Full Review >
-- Fabien Vauthey, www.blackspotradish.com/wp/blog/

"A must read for Information Security Professionals and Stake Holders: This Guide offers a wealth of information to both the novice as Tutorial and the experienced as Reference. For starters, the Novice will learn relevant steps on how to get started; and the Experienced with benefit from the discussions on Methodology. Program Managers and Stake Holders will benefit from a managers perspective" Full Review >
-- Virginia Benedict, www.socialtecheditor.net/blog

"Metasploit is the most common and complete framework for testing security. Metasploit is an entire suite of tools and methodologies designed for testing the security of computers and networks." Full Review >
-- Fabio Alessandro Locati, blog.grimp.eu

"I'm an accomplished test automation/performance engineer, but one area of testing that I'm pretty green at is penetration testing. Luckily, I came across Metasploit: The Penetration Tester's Guide, which is a book about penetration testing using the opensource Metasploit Framework testing and is a great introduction to security testing in general. " Full Review >
-- Joe Colantonio, www.joecolantonio.com

"Although not formally done so, the book can be considered to be structured in sections, with Chapters 1 to 6 forming the core, & the remaining 11 Chapters building on and around this. The core section takes the pen tester, through use of example, from the very basics of the craft to carrying out exploits. The examples used employ a combination of Back|Track, Ubuntu 9.04, Metasploitable, and Windows XP, where Back|Track serves as the vehicle for exploitation, and the Ubuntu and Windows systems act as the target systems...." Full Review >
-- Brian McSweeney, packetspersecond.wordpress.com/

"If you're seriously looking into doing some penetration testing, this is the book for you. The authors quickly take you through a crash course in metasploit basics and from there start building your foundation for discovery and exploitation. You'll start with basic navigation and OS fingerprinting and eventually get to opening up (root) sessions on the target machine through various vulnerabilities"”through the notorious MS08-067, client-side exploitation, web exploits, and even SQLServer exploits. You'll also cover some of the key auxiliary tools used"”sniffers, scanners, and crawlers. " Full Review >
-- Mat Powell, mrpowell80.tumblr.com/

""Metasploit: The Penetration Tester's Guide" was written by Mati Aharoni, Devon Kearns, Jim O'Gorman, and David Kennedy as the ultimate guide to the Metasploit Framework. " Full Review >
-- Nick Rapson, www.ranepcs.co.uk/?page_id=5



"A valuable resource for people who are interested in security but don't have the time or money to take a training class on Metasploit."
--eldavojohn, Slashdot.org