Learn The Metasploit Framework Inside Out
Based on the Penetration Testing Execution Standard, you'll learn Metasploit, its limits, and how to work around them
Cyber Security,Penetration Testing,IT & Software,Network & Security
Lectures -38
Duration -3.5 hours
30-days Money-Back Guarantee
Get your team access to 10000+ top Tutorials Point courses anytime, anywhere.
Course Description
This course will cover all of the fundamental aspects of the Metasploit framework, tying a subset of the phases of the penetration testing execution standard (PTES) methodology to the course structure. These will be specific information gathering, vulnerability assessment, exploitation and post-exploitation.
The course also goes beyond the basics by dealing with social engineering, privilege escalation, antivirus evasion, persistent backdoors, trojanizing executable files, remote desktop, web penetration testing, port forwarded reverse shells, the Beef-XSS Framework, event log management.
To follow this course you will need to be confident using generic software programs, know the basics of the Linux command line and a little of system administration.
If something isn't clear or doesn't work on your system you can always hit me up and we'll solve the problem. Concerning hardware requirements: a host machine with at least 8 GB of RAM with a moderately fast processor, 70 GB of hard-drive space for the vulnerable virtual machine and other 30GB for the Kali VM is a good setup to have, but not mandatory: you can also alternatively install the vulnerable machine on another pc in your home network and work with Kali on your main machine.
The course is laid out in 7 main sections:
- Section 1: setup of our environment and will introduce you to the Penetration Testing Execution Standard (PTES), which is a state of art methodology to carry out a penetration test. Other Metasploit variants like the Metasploit framework on Windows, the Metasploit community edition and Armitage will be covered.
- Section 2: fundamental commands of Metasploit and how it works, how to automate repetitive tasks, how to run exploits and Metasploit modules.
- Section 3: information gathering on the target machine with nmap and the other tools available in Metasploit to check which services are installed and effectively map the the attack surface.
- Section 4: vulnerability assessment. We'll check which of the services fingerprinted are likely to be vulnerable. We'll learn how to install the Nessus vulnerability scanner and integrate it with Metasploit to populate its workspace.
- Section 5: finally exploit seven services using Metasploit exclusively, web penetration testing will also be covered.
- Section 6: exploiting services via Social Engineering. We'll mainly create vectors for Social Engineering engagements, which are unsuspecting payloads for the victim to execute on their machine to obtain remote command execution. We'll create trojanized files, we'll greatly lower the antivirus detection rate and we'll use the Beef-XSS Framework together with Metasploit to deliver more complex attacks.
- Section 7: monitoring the user on his machine, logging his keyboard activity, performing privilege escalation, generating persistent backdoors and log management.
- Section 8: the course outro.
Who should take this course?
- Anyone interested in penetration testing who would like to learn the Metasploit Framework inside out and learn how it can be integrated with other pen-testing tools.
Goals
What will you learn in this course:
What will students achieve or be able to do after taking your course?
- You will have a solid understanding of the Metasploit framework and how to work around its limitations.
- You'll also have the right frame of mind to carry out penetration tests efficiently and effectively.
Prerequisites
What are the prerequisites for this course?
What knowledge & tools are required?
- You should know the basic commands of the Linux command line and a little bit of system administration.
- A 64-bit PC with 8 GB or RAM and 140GB of free hard drive space, at least an i3 core processor. Alternatively, you could install the vulnerable virtual machine on another PC in your home network and use Kali on your main PC with a lightweight desktop environment like XFCE.
Curriculum
Check out the detailed breakdown of what’s inside the course
Introduction And Environment Setup
6 Lectures
- Course Introduction 03:42 03:42
- Introduction To Metasploit And To The PTES 03:11 03:11
- Setting Up, Updating The Metasploit Framework And Other Metasploit Variants 12:36 12:36
- The Metasploit Filesystem And Modules 05:25 05:25
- Installing The Metasploitable3 Virtual Machine 10:41 10:41
- The Metasploit Unleashed Reference 01:43 01:43
Metasploit Fundamentals
6 Lectures
Information Gathering With Metasploit
3 Lectures
Vulnerability Assessment
3 Lectures
Exploitation Of Services
5 Lectures
Exploitation Via Social Engineering
7 Lectures
Post-exploitation
7 Lectures
Course End
1 Lectures
Instructor Details
Adriano Gattabuia
eCourse Certificate
Use your certificate to make a career change or to advance in your current career.
Our students work
with the Best
Related Video Courses
View MoreAnnual Membership
Become a valued member of Tutorials Point and enjoy unlimited access to our vast library of top-rated Video Courses
Subscribe nowOnline Certifications
Master prominent technologies at full length and become a valued certified professional.
Explore Now