Learn the Metasploit Framework inside out

Learn the Metasploit Framework inside out, available at $19.99, has an average rating of 4.15, with 38 lectures, based on 58 reviews, and has 722 subscribers.

You will learn about You will have a solid understanding of the Metasploit framework and how to work around its limitations. Youll also have the right frame of mind to carry out penetration tests efficiently and effectively. This course is ideal for individuals who are Anyone interested in penetration testing who would like to learn the Metasploit Framework inside out and learn how it can be integrated with other pentesting tools. It is particularly useful for Anyone interested in penetration testing who would like to learn the Metasploit Framework inside out and learn how it can be integrated with other pentesting tools.

Enroll now: Learn the Metasploit Framework inside out

Summary

Title: Learn the Metasploit Framework inside out

Price: $19.99

Average Rating: 4.15

Number of Lectures: 38

Number of Published Lectures: 38

Number of Curriculum Items: 38

Number of Published Curriculum Objects: 38

Original Price: 99.99

Quality Status: approved

Status: Live

What You Will Learn

You will have a solid understanding of the Metasploit framework and how to work around its limitations.

Youll also have the right frame of mind to carry out penetration tests efficiently and effectively.

Who Should Attend

Anyone interested in penetration testing who would like to learn the Metasploit Framework inside out and learn how it can be integrated with other pentesting tools.

Target Audiences

Anyone interested in penetration testing who would like to learn the Metasploit Framework inside out and learn how it can be integrated with other pentesting tools.

This course will cover all of the fundamental aspects of the Metasploit framework, tying a subset of the phases of the Penetration Testing Execution Standard (PTES) methodology to the course structure.

These will be specifically information gathering, vulnerability assessment, exploitation and post-exploitation.

The course also goes beyond the basics by dealing? with social engineering, privilege escalation, antivirus evasion, persistent backdoors, trojanizing executable files, remote desktop, web penetration testing, port forwarded reverse shells, the Beef-XSS Framework, event log management.
?
To follow this course you will need to be confident using generic software programs, know the basics of the Linux command line and a little of system administration.
If something isn’t clear or doesn’t work on your system you can always hit me up and we’ll solve the problem.

Concerning hardware requirements: a host machine with at least 8 GB of RAM with a moderately fast processor, 70 GB of hard-drive space for the vulnerable virtual machine and other 30GB for the Kali VM is a good setup to have, but not mandatory: you can also alternatively install the vulnerable machine on another PC in your home network and work with Kali on your main machine.

The course is laid out in 7 main sections:

Section 1: setup of our environment and introduction to the Penetration Testing Execution Standard (PTES), which is a state of art methodology to carry out a penetration test. Other Metasploit variants like the Metasploit framework on Windows, the Metasploit community edition and Armitage will be covered.

Section 2: fundamental commands of Metasploit and how it works, how to automate repetitive tasks, how to run exploits and Metasploit modules.

Section 3:?information gathering on the target machine with nmap and the other tools available in Metasploit to check which services are installed and effectively map the the attack surface.

Section 4: vulnerability assessment. We’ll check which of the services fingerprinted are likely to be vulnerable. We’ll learn how to install the Nessus vulnerability scanner and integrate it with Metasploit to populate its workspace.

Section 5: finally exploit of seven Metasploitable3 services using Metasploit exclusively, web penetration testing will also be covered.

Section 6:??exploiting services via Social Engineering. We’ll mainly create vectors for Social Engineering engagements, unsuspecting? payloads for the victim to execute on their machine to obtain remote command execution. We’ll create trojanized files, we’ll greatly lower the antivirus detection rate and we’ll use the Beef-XSS Framework together with Metasploit to deliver more complex attacks.

Section 7:?monitoring the user on his machine, logging his keyboard activity, performing privilege escalation, generating persistent backdoors and log management.

Section 8: the course outro and credits.

Course Curriculum

Chapter 1: Introduction and environment setup

Lecture 1: Course introduction

Lecture 2: Introduction to Metasploit and to the PTES

Lecture 3: Setting up, updating the Metasploit Framework and other Metasploit variants

Lecture 4: The Metasploit filesystem and modules

Lecture 5: Installing the Metasploitable3 virtual machine

Lecture 6: The Metasploit Unleashed reference

Chapter 2: Metasploit fundamentals

Lecture 1: Msfconsole introduction and its core commands

Lecture 2: Metasploit exploit usage

Lecture 3: Payloads and their settings, getting our first Meterpreter shell

Lecture 4: Meterpreter commands

Lecture 5: Msfvenom payload generation

Lecture 6: Resource scripts and database backend commands

Chapter 3: Information gathering with Metasploit

Lecture 1: Introduction to information gathering

Lecture 2: Port scanning with db_nmap

Lecture 3: Gathering information manually

Chapter 4: Vulnerability assessment

Lecture 1: Installing the Nessus community edition and loading it within Metasploit

Lecture 2: Scanning for vulnerabilities with Nessus and saving the results to Metasploit

Lecture 3: Scanning web applications with the Metasploit auxiliary modules

Chapter 5: Exploitation of services

Lecture 1: Introduction to exploitation

Lecture 2: Three ways to exploit the Tomcat server

Lecture 3: Exploiting ManageEngine, ElasticSearch and Ruby on Rails

Lecture 4: Exploiting WebDav and WordPress on WAMP

Lecture 5: Exploiting port 445 with psexec and Eternal Blue

Chapter 6: Exploitation via Social Engineering

Lecture 1: Introduction to Social Engineering

Lecture 2: Generating intranet and internet payloads

Lecture 3: Trojanizing an executable with Msfvenom

Lecture 4: Trojanizer

Lecture 5: Social Engineering with Beef-XSS and Metasploit

Lecture 6: Antivirus evasion techniques

Lecture 7: Getting a higher antivirus evasion success rate with the Veil Framework

Chapter 7: Post-exploitation

Lecture 1: Monitoring the users screen, keyboard and killing the antivirus

Lecture 2: Enabling Remote Desktop

Lecture 3: Privilege escalation: basic enumeration

Lecture 4: Privilege escalation: getting the users password and going deeper

Lecture 5: Cracking found password hashes

Lecture 6: Using Meterpreer to create a persistent backdoor

Lecture 7: Cleaning up after yourself

Chapter 8: Conclusion

Lecture 1: The end?

Instructors

Adriano Gattabuia
Security engineer, software developer

Rating Distribution

1 stars: 1 votes

2 stars: 1 votes

3 stars: 9 votes

4 stars: 17 votes

5 stars: 30 votes

Frequently Asked Questions

How long do I have access to the course materials?

You can view and review the lecture materials indefinitely, like an on-demand channel.

Can I take my courses with me wherever I go?

Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don’t have an internet connection, some instructors also let their students download course lectures. That’s up to the instructor though, so make sure you get on their good side!