Metasploit, 2nd Edition

It's everything I expect for a clear, concise, and straight to the point guide/refresher on using the Metasploit Framework. It's up to date too for the year 2025 (This review was written on 4/4/2025).The parts I like or looking forward to is Chapter 1 which references the PTES Methodology and Chapters 15 & 16 which demonstrates (book-wise) a simulated Pentest and talks about Pentesting the Cloud (uses AWS in this chapter) respectively!Also, Chapter 3 Intel gathering shows you just 3 parameters you commonly need when using Nmap (and db_nmap for the msfconsole too), one of which is the parameter for Stealth Scanning (TCP Scanning which is "-sS", this differs from avoiding Firewalls and IDS/IPSs). There are tools shown and explained that are not specificly Metasploit but is used to complement Metasploit e.g Aircrack-ng for Wireless Pentesting with Metasploit.Chapters 12-14 talks about how about how to write your own MSF module in Assembly and Ruby languages (but not in detail of teaching you the basics of these programming languages for beginners). One of these chapters does mention it's possible to write MSF modules in other languages like in Perl, Python, C/C++.

The way is written, makes Ms accessible for anyone

As a penetration tester, and hobby-hacker, I use Metasploit on an almost daily basis. I 'search' and 'use' and 'run', but did I truly understand Metasploit? I got this book hoping to learn more about how Metasploit works and to give me a better idea of how to make my own Metasploit modules.The book has been fantastic! I am a lot more comfortable with the tool ever since reading it, and best of all it walks you through creating your own modules! I ended up writing my very first Ruby program, and my very first Metasploit module that deployes a Meterpreter session on a Palo. In the end, I learned that the authors of the exploit I used had a pending module in Metasploit's git, so I didn't try to publish my module, but I am motivated to make another.I highly recommend this book for anyone who uses Metasploit, or wants to learn how to use it. It's also a great introduction to writing your own modules.