Penetration Testing with Metasploit

Penetration Testing with Metasploit

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 2h 26m | 357 MB

Metasploit is one of the most common tools used for penetration testing and exploitation. In this course, penetration tester Prashant Pandey shows you various elements of Metasploit, how to apply these elements in penetration testing activities, and what you can do after compromising a system. Prashant begins with a brief history of Metasploit and an overview of its architecture and functionality. He walks you through the lab setup you will need and how to install Metasploit on your system. Next, Prashant goes over important elements, like exploits, payloads, Metasploit DB, and Meterpreter. He covers how to gather information, assess vulnerabilities, and exploit targets using Metasploit. After deep-diving into Meterpreter, Prashant explores how client-side attacks work and how they can be used in penetration testing. He concludes with an explanation of steps you can take after successfully compromising a system.

Table of Contents

1 Get started with Metasploit

1. Understanding Metasploit
2 Brief history of Metasploit
3 Overview and architecture
4 What can Metasploit do
5 Some concepts, terms, and definitions

2. Lab Setup and Installation
6 System requirements for Metasploit
7 Setting up Metasploit environment
8 Setting up Metasploit environment Ubuntu
9 Setting up Metasploit environment Kali Linux
10 Setting up target machines

3. First Look at Metasploit
11 Metasploit interfaces (msfcli, msfconsole, Armitage)
12 Basic commands of msfconsole
13 Exploits and payloads
14 Metasploit database basics
15 Commercial versions of Metasploit

4. Information Gathering Using Metasploit
16 Passive information gathering
17 Performing Nmap scans from Metasploit
18 Service-centric scans
19 Using other port scanners

5. Vulnerability Assessment Using Metasploit
20 Scanning web applications using WMAP
21 Importing Nessus scan results

6. Target Exploitation Using Metasploit
22 Basic exploitation steps FTP brute force
23 Basic exploitation steps FTP backdoor
24 Basic exploitation steps SSH brute force

7. Meterpreter Deep Dive
25 Understanding Meterpreter
26 Use cases of Meterpreter
27 Meterpreter commands
28 Privilege escalation using Meterpreter

8. Client-Side Exploitation
29 What are client-side attacks
30 Video-based attacks
31 Malicious executables

9. Post-Exploitation
32 Using post-exploitation modules
33 Dumping passwords and privilege escalation
34 Pivoting

35 What’s next