O'Reilly logo

Metasploit by Mati Aharoni, Devon Kearns, Jim O'Gorman, David Kennedy

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 14. Creating Your Own Exploits

As a penetration tester, you will frequently encounter applications for which no Metasploit modules are available. In such situations, you can attempt to uncover vulnerabilities in the application and develop your own exploits for them.

One of the easiest ways to discover a vulnerability is to fuzz the application. Fuzz testing is the act of sending invalid, unexpected, or malformed random data to an application and monitoring it for exceptions such as crashes. If a vulnerability is found, you can work to develop an exploit for it. Fuzzing is a vast topic and entire books have been written on the subject. We will only briefly scratch the surface of fuzzing prior to moving on and developing a working exploit ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required