Expert Metasploit Penetration Testing – Packt Publishing

Salepage link: At HERE. Archive: http://archive.is/OgY0D

Expert Metasploit Penetration Testing

Enhance your knowledge of penetration testing using Metasploit

Enhance your knowledge of penetration testing using Metasploit

About This Video

Step-by-step demonstration of the Metasploit framework using real-time examples, diagrams, and presentations for theoretical topics

Includes a detailed understanding of the framework internals and how they work

Covers all three phases of penetration testing in detail including additional tools, such as Armitage, Nmap, and Nessus

In Detail

If penetration testing is a battle then Metasploit is the deadliest and stealthiest weapon to use. Metasploit is a free, open source penetration testing framework started by H. D. Moore in 2003, which was later acquired by Rapid7. It is based on a modular architecture and all its modules and scripts are integrated with the framework in the form of modules. This makes it fairly easy to integrate any new custom module with the framework and leverage its functionalities. Metasploit is a feature-rich tool that can be integrated with third party tools easily. It is fast, robust, and extensible, and has the ability to manage multiple targets at a time.

“”Expert Metasploit Penetration Testing”” is a complete guide for beginners as well as security professionals who are willing to master the most popular and buzzing framework for pen-testing. The video series will guide you through numerous techniques using real time demonstrations to sharpen your skills and give you a clear understanding of the complete framework. The video series also explains ad-on tools, such as nmap, Armitage, and so on, that can further add more skill sets in your techniques for penetration testing. Overall the video series covers every nook and corner of Metasploit.

The video series starts with scanning for vulnerabilities in the target/network, building standalone payloads using msfencode, exploiting operating systems and then moves ahead with client-side exploitation techniques, the Auxiliary module, and so on. In the post-exploitation phase, it covers persistence, the meterpreter, and pivoting. The final section deals with Armitage and explains how it can be used to leverage the powers of Metasploit over a GUI interface.

“”Expert Metasploit Penetration Testing”” is a quick and comprehensive guide for people who are willing to learn by doing.

“”Expert Metasploit Penetration Testing”” is a complete guide for beginners as well as security professionals who are willing to master the most popular and buzzing framework for pen-testing. The video series will guide you through numerous techniques using real-time demonstrations to sharpen your skills and give you a clear understanding of the complete framework. The video series also explains add-on tools, such as nmap, Armitage, and so on, that can add more penetration testing techniques to your skillset. Overall, the video series covers every aspect of Metasploit.

Course Curriculum

Getting Started with Scanning

• Scanning with Nmap (3:36)
• More Nmap Scan Options (3:57)
• Working with a Database to Store Scan Results (3:15)
• Scanning with Auxiliary Modules (3:15)
• Vulnerability Scanning with NeXpose (3:18)

Working with Metasploit Payloads and Encoders

• Working with msfpayload (3:18)
• Working with msfencode (2:39)
• Generating Complex Payloads (2:37)
• Setting Up Metasploit Exploit Modules and Reverse Handlers (1:53)
• Penetration Testing Using an Executable and Reverse Handler (2:11)

Working with Exploit Modules

• WinXP SP2 Vulnerability Assessment and Exploitation (3:19)
• Binding Shells and Changing Payloads (1:49)
• Understanding the Metasploit Directory Structure (3:40)
• Penetration Testing on a Linux Machine (3:17)

Client-side Exploitation Using Metasploit

• Client-side Exploitation Based on Internet Explorer (2:37)
• Exploitation Module Based on Adobe Reader (2:54)
• Exploitation and Pen-testing Based on a Java Applet (2:11)
• Targeting the Microsoft File Format’s Vulnerabilities for Penetration Testing (2:40)
• Browser Autopwn (2:37)

Post-Exploitation with Meterpreter

• Understanding Meterpreter (3:09)
• Meterpreter System Commands (2:44)
• Privilege Escalation Using Meterpreter (2:32)
• Meterpreter File System Commands (1:54)
• Meterpreter User Interface Commands (4:01)

Advanced Meterpreter

• Passing the Hash (2:55)
• Setting Up Persistent Connection Using Meterpreter (2:59)
• Meterpreter Networking Commands (4:11)t
• Pivoting (3:46)
• Railgun (2:35)

Working with Auxiliary Modules

• Understanding the Module Directory Structure and Auxiliary Modules (3:12)
• Working with Admin Auxiliary Modules (2:58)
• Denial-of-service Auxiliary Modules (2:36)
• Fuzzer Auxiliary Modules (2:33)
• Post Exploitation Auxiliary Modules (2:22)

Working with Armitage

• Getting Started with Armitage (2:07)
• Understanding the Armitage GUI Interface (2:23)
• Scanning with Armitage (2:39)
• Launching Exploits against a Target Using Armitage (2:43)
• Post Exploitation Using Armitage (3:10)