Metasploit Framework Course: run a fully functional lab environment for your penetration testing (W5) - Pentestmag

How to apply the incredible capabilities of the Metasploit Framework in a comprehensive penetration testing and vulnerability assessment regimen, according to a thorough methodology for performing effective tests?

Deploy a fully sand boxed network running on Virtualbox to do all the testing you need.
Using Metasploit to gather information than you can use in your advantage.
Run a fully functional lab environment for your penetration testing.
Real life example on how to create a back door.


4CPE CREDICTS


The access to this course is restricted to PenTest Premium or IT Pack Premium Subscription


After completing this course you will be able to: 

  • Have a fully working lab environment including Firewall, routers, exploitable servers, etc.
  • Have a clear understanding and overview of all the tools available on the Metasploit Framework.
  • Perform advance penetration testing.
  • Develop and create your own tools on the Metasploit Framework.

What students should know before they join (student requirements)?

There are 3 Metasploit tools you need to became familiar with:

msfpayload – This is a command-line instance of Metasploit used to generate and output all of the various types of shell code available in Metasploit. This is mainly used for the generation of shell code for an exploit not found in Metasploit or for testing different types of shell code and options before finalizing a module. It is an excellent mix of different options and variables.

msfencode - This is another great tool in the Metasploit kit for exploit development. Its main use is to encode the shell code generated by msfpayload. This is done to suit the target in order to function properly. It may involve transforming the shell code into pure alphanumeric and getting rid of bad characters and encoding it for 64-bit targets. This can be used to encode the shell code multiple times; output it in various formats such as C, Perl, and Ruby; and even merge it to an existing executable file.

msfvenom - Technically speaking, msfvenom is a combination of msfpayload and msfencode. The advantages of msfvenom include a number of standardized command-line options, a single tool, and increased speed.


COURSE SYLLABUS

What will you learn in this workshop


Module 1:

  • Deploy a fully sand boxed network running on Virtualbox to do all the testing you need;
  • Have a fully exploitable server at your disposal;
  • Configure and use a full functional Checkpoint firewall;
  • Deploy your Metasploit framework with Kali Linux;
  • Configure and deploy a fully working Cisco Router;
  • Grasp basic navigation concepts and commands of the Metasploit Framework;
  • Recreate a fully functional network for present and future testing.

Module 2:

  • Using Metasploit to gather information than you can use in your advantage;
  • Advance scan techniques using specific Metasploit modules and leverage that with the use of our database;
  • Scanning: how to use some of the auxiliary scanning modules existing already on the Metasploit Framework.

Module 3:

  • Run a fully functional lab environment for your penetration testing;
  • Work your way around Metasploit cli;
  • Create, manage and connect your Metasploit to multiple databases;
  • Work with Workspaces;
  • Use some of the auxiliary exploits in the discovery process;
  • Run network scans from inside Metasploit;
  • Save results inside a workspace;
  • Use auxiliary exploits to get credentials from our target.

Module 4:

  • Real life example on how to create a back door;
  • Building a Windows 7 machine;
  • Coding fundamentals.

Your instructor: Bruno Rodrigues
w5 insturctor

Senior Security Engineer at Data Solutions

An enthusiastic security and network engineer with the necessary drive and determination needed to resolve complex networking issues. Possessing effective organizational skills and excellent working knowledge of networking technologies and having a commitment to keep up to date with the latest developments. Experienced in providing motivation, guidance and an up to date networking consultancy service to both colleagues and clients.

 

 

 


Contact
Questions? Reach out to us at [email protected]

Course Reviews

5

5
1 ratings
  • 5 stars1
  • 4 stars0
  • 3 stars1
  • 2 stars0
  • 1 stars0
  1. NIce Job !!

    5

    very good write up, thanks for it.
    i would like see a course on Checkpoint Gaia 77.20 installation and configuration.
    any ways Thanks a lot

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023