Video description
Add superior end-to-end security to your network using Metasploit
About This Video
- Gain the skills to carry out penetration testing in complex and highly-secured environments
- Get equipped with the Metasploit framework, exploit and generate modules for a variety of real-world scenarios
- Practical guide to understand and implement new useful methods and techniques to make your network robust and resilient
In Detail
Metasploit is a platform for testing, executing, and exploiting computer systems using a modular framework. It is used to create security testing tools and exploit modules and also as a penetration testing system. In this course, you will use a powerful VM called Metasploitable which is a vulnerable version of Linux for Metasploit. You will begin with setting up of the Metasploit architecture and get familiar with Meterpreter commands, and using these to launch payloads and interact with exploited systems. You will use Metasploit as a vulnerability scanner, leveraging tools such as NMap and Nessus and then work on real-world sophisticated scenarios in which performing penetration tests is a challenge. You will go on a journey through client-side and server-side attacks using Metasploit and various scripts built on the Metasploit framework. Then you will establish foothold on the network by staying hidden, and pivoting to other systems. Finally, you will carry out a cyber attack using Armitage, a GUI-based tool. By the end of the course, you will get well versed with Metasploit modules, exploiting systems, carrying out breaches, as well as building and porting exploits of various kinds in Metasploit. There is something for everyone from the beginner to experienced practitioner looking to broaden their knowledge. No prior knowledge of Metasploit is assumed.
Audience
This course is a primer for the use of Metasploit. Designed for people interested in system security and pentesting using the Metasploit framework. There is something for everyone from the beginner to experienced practitioner looking to broaden their knowledge. No prior knowledge of Metasploit is assumed.
Table of Contents
Chapter 1 : Working and Setting Up Metasploit Architecture
The Course Overview
Organizing a Pentest with Metasploit
Introduction to Exploitation
Metasploit Installation
Metasploit Interfaces and Modules
Metasploit Databases
Metasploitable Setup
Chapter 2 : Scanning and Information Gathering
Scanning with Metasploit
Nmap Integration for Advanced Scanning
Nessus integration in to Metasploit
Scanning with Nessus
Nexpose Integration to Prioritize Vulnerabilities
Chapter 3 : Launching Payloads with Meterpreter
What Is Meterpreter?
Working with Meterpreter
Meterpreter Scripting
Working with Railgun
Custom Meterpreter Scripts
Chapter 4 : Executing Client Type Exploitation
Types of Client-Side Exploits
Browser Exploits to Breach Browser Security
Exploit File Formats to Create Custom Files
Standalone Attacks
Delivering Exploits
Chapter 5 : Server-Side Exploitation
Server-Side Exploitation Types
Exploiting Web Servers
Exploit Database with Remote Exploits
Exploiting VOIP
Exploiting SCADA Systems
Chapter 6 : Types of Exploits and Operations
Privilege Escalation to Grant Access
Gathering Passwords with Mimikatz and Kiwi
Post Exploitations
Maintaining Access
Covering Your Tracks
Chapter 7 : Phishing and Visualization
Social Engineering Toolkit (SET)
Using Armitage to Share Access
Turning on RDP
Screen Capture, Keylogging, and Webcam
Manipulating the Registry
Chapter 8 : Advanced Metasploit
Evasion with MSFvenom
Evasion with Veil
Evasion with Trojanizer
Evasion with Metasploit
Creating Custom Modules
Implementing Custom Modules