Cyber Security Expert Hacking Specialist Metasploit (2 days)

Icon Penetration Testing, © NESEC GmbH

Metasploit, developed by HD Moore and commercialized by Rapid7, is the most widely used exploit framework due to the integration of the open source Metasploit framework, especially in Kali Linux. In addition to the large number of integrated exploits, one of Metasploit's strengths lies in its post-exploitation modules, i.e. the modules and components that can be used after the initial penetration. In addition, Metasploit offers extensive possibilities to integrate malicious functions into many different data types, for example to use Trojanized Office files or PDF in social engineering attacks. Metasploit therefore belongs in the toolbox of every penetration tester and efficient use of Metasploit facilitates many attacks.

Your Benefit

Learn the architecture, functions, exploits and modules of Metasploit on Kali Linux. Use existing and customized exploits for the initial penetration of the system. Use Privilege Escalation Modules to gain administrative access to the system. Loot passwords, secret keys but also Bitcoins with the Post Exploitation Modules. Use Msfvenom to build your own malicious code and embed it in seemingly harmless files. The Meterpreter is then your gateway into foreign systems.

Target

This course is aimed at

  • penetration testers
  • information security officers
  • information security consultants
  • system administrators

in companies that want to view information security risks from the attacker's perspective in order to better protect their servers and their company against attacks.

Course Dates

Our hacking course "Expert Hacking Specialist Metasploit" is currently only offered as an on-site company training. Please contact us for an offer and possible dates.

Your contact: Christian H. Gresser, cgresser@nesec.de

Agenda

Day 1

  • Metasploit Framework
    • Introduction to Metasploit
    • Metasploit components
    • Interfaces
  • Metasploit Modules
    • Exploits
    • Payloads
    • External Modules
    • Interaction between the components
  • Metasploit Console
    • Syntax and commands
    • Module options
  • Job- and Session Management
    • Sessions
    • Listener
  • Exploits
    • Combination of different Payloads
    • Shell, Reverse-Shell
    • Meterpreter

Day 2

  • Inside Meterpreter
    • Avoiding Detection
    • Meterpreter Scripting
  • Post-Exploitation Module
    • Information Gathering
    • Privilege Escalation
    • Differences between Windows and Linux
  • Data Management
    • Import/Export of Data
  • Msfvenom
    • Encoder
    • NOPs
  • Development of your own Exploits/Module
    • Structure and syntax

Course Material and Practical Labs

Each participant receives the course material (~ 250 pages) completely with training presentation and supplementary explanations as well as the lab guide (~ 30 pages), both completely in German language. The training materials are continuously updated and corrected to reflect current topics.

All hacking tools are used in Labs in an environment with different virtual machines. In particular all the attacks discussed can also be actively tested and executed. The lab part of the seminar is approx. 50%.

Each participant will also receive a download link with all hacking tools so that they can try out attacks on their own systems.

Your Trainer

All seminars are conducted by experienced penetration testers who contribute their years of experience to this course.