Pentesting with Metasploit: Beginner Edition

Familiarize yourself with how to use Metasploit to its full extent while performing pentesting on Windows and Linux machines.
Write your awesome label here.
Starts: 18 July 2021  Duration: 5 weeks
Recordings of live sessions included!

What You'll Learn

Metasploit is one of the most popular tools around and we will use it to help teach the basics of pentesting. The focus of this bootcamp is to familiarize you with how to use Metasploit and perform pentesting on Linux and Windows machines. The bootcamp will cover various phases of pentesting with Metasploit, we will also take a look at how to write custom metasploit modules to automate attacks.

Completing the bootcamp will equip you to pentest Windows and Linux machines with Metasploit in real-world engagements.
  • 5 Live Sessions

  • 2.5 hrs per session

  • Over 50 Lab Exercises

  • Recordings of Live Sessions

Build Your Cybersecurity Credentials

  • Bootcamp Completion Certificate

Attendees will get a course completion certificate after attending all 5 live sessions.

Live Session Schedule

Weekly 2 hr 30 min sessions start at 12:00pm ET and end at 2:30pm ET.
18 July 2021
25 July 2021
01 Aug 2021
08 Aug 2021
15 Aug 2021
Metasploit Fundamentals and Reconnaissance
Exploitation
Post Exploitation Part I
Post Exploitation Part II
Metasploit Modules and Scripting

Prerequisites

1. A basic knowledge of computers and networking
2. Familiarity with any Linux and Windows OS

Bootcamp Syllabus

Module I: Metasploit Fundamentals

  • Framework Organization
  • Exploits
  • Payloads
  • Encoders
  • Databases
  • Meterpreter

Module II: Reconnaissance

  • Network Scanning
  • Port Scanning
  • Service Enumeration

Module III: Identifying Vulnerabilities and Exploitation

  • Web Applications
  • Web Servers
  • Database Servers
  • RMI Servers
  • WMI
  • WinRM

Module IV: Post Exploitation

  • File and Keylogging
  • Screen Capture
  • Mimikatz
  • Enabling Remote Desktop
  • Enabling WinRM
  • Pass the hash (PsExec)
  • Token Stealing and Incognito
  • Stdapi and Priv Extensions
  • Kiwi and Extapi Extensions
  • Espia and Sniffer Extensions

Module V: Privilege Escalation

  • Basic Misconfigurations
  • Vulnerable services
  • UAC Bypass
  • DLL Hijacking
  • Kiwi and Extapi Extensions
  • Espia and Sniffer Extensions

Module VI: Pivoting

  • Port Forwarding
  • Socks Proxy

Module VII: Maintaining Access

  • Tampering Registry
  • Scheduled Tasks
  • Leveraging WMI
  • Service Backdoors

Module VIII: Custom Modules and Scripts

  • Meterpreter Scripting
  • Meterpreter API Basics
  • Writing Meterpreter Scripts
  • Writing Metasploit Modules
Meet the instructor

Jeswin Mathai

He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo labs (DEFCON). He has also been a co-trainer in classroom trainings conducted at HITB, RootCon, OWASP NZ Day. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security, and Web Application Security.
Jeswin Mathai - Instructor

Can't attend this bootcamp? Get informed about future bootcamps!

Thank you!
Thank you!