
This video provides an overview of the entire course.
Running operating systems as virtual machines / Having Virtualbox.
Download Virtualbox
Install Virtualbox
Setting details
Running Kali Linux as virtual machine / Having it inside Virtualbox.
Download Kali Linux
Import Kali Linux
Set Kali Linux Up
Running Kali Linux as virtual machine / Having it inside Virtualbox.
Download Kali Linux
Import Kali Linux
Set Kali Linux Up
Running Windows as virtual machine / Having it inside Virtualbox.
Download Windows
Import Windows
Set Windows Up
Running Metasploitable as virtual machine / Having it inside Virtualbox.
Download Metasploitable
Import Metasploitable
Set Metasploitable Up
How to understand a hacker’s methodology. Follow an easy six-step guide.
Methodology chart
Understand the steps
Details of the steps
Ethical hacking terms can be con-fusing. A little jargon knowledge!
Understand cybercrime importance
Understand the types of hackers
Understand some common terms
Understand passive information gathering and different possible op-tions.
Understand open sources for information gathering
Understand Netcraft tool
Use Netcraft tool
Understand the usage of Metasploitable. Practice with Metasploitable
Understand the logic of Metasploitable
Use it with Kali
See different modules
Finding open ports in a target ma-chine and Nmap scanning.
Understand scanning method
Work with Zenmap
Understand the Zenmap-Nmap rela-tionship
Finding open ports in a target ma-chine and Nmap scanning.
Understand what ports are
Find open ports
Understand versions
Exploiting vulnerabilities and using Metasploit.
Understand Metasploit
Start msfconsole
Practice with first ex-ploit
Finding alternative to Nmap/scanning with Nessus.
Understand Nessus
Find the appropriate Nessus version online
Download Nessus
Finding alternative to Nmap/scanning with Nessus.
Installing Nessus with terminal
Using Nessus on localhost
Going over Nessus overview
Finding alternative to Nmap/scanning with Nessus.
Basic network scan with Nessus
Understanding the options
Starting first Nessus scan
Having a more detailed scan with Nessus / Using advanced options.
Nessus advanced op-tions
Understanding the options
Starting aggressive scan with Nessus
Understanding the Metasploit framework and going over the filesystem.
Use terminal to locate Metasploit
Change directory to Metasploit Frame-work folder
Analyze Metasploit folder contents
Getting comfortable with Metasploit / Practice with msfconsole.
Starting msfconsole
Running commands on msfconsole
Going over documen-tation
Alternative way to search for exploits / Searching within msfconsole.
Understanding the rankings
Searching within msfconsole
Analyzing results
Getting ready for an exploit / Having proper settings for a payload.
Choosing an exploit with cross checking through rapid7
Showing options of an exploit
Setting options
Exploiting a vulnerability / Running an exploit in msfconsole.
Running exploit with a different command
Working within ses-sion
Closing the session
Exploiting a system without vulnera-bility / Using backdoor.
Understand the back-door
Understand back-door versus Trojan
Understand the rela-tionship between backdoor and Metasploit
Generating a ready to use backdoor / Using Veil.
Find Veil on GitHub
Download related repository
Install downloaded packages
Being comfortable in Using Veil / Practicing in the framework.
Browsing in Veil Frame-work
Understanding Veil commands
Searching for different payloads
Selecting a backdoor to generate / Analyze backdoors and selecting proper settings.
Selecting programming language to use
Analyzing the setup and configuration needs
Finding generated exe file as output
Delivering the generated backdoor to Windows machine / Using Apache server.
Starting Apache server on Kali Linux
Placing backdoor inside web server
Downloading it from Windows
Finding a way to listen for backdoor reverse connection / Using Metasploit framework.
Using multi handler in Metasploitable
Setting payload
Having proper settings
Handling post-connection scenarios properly / Using Meterpreter.
Understand the post-exploitation part
Understand Meterpreter tool
Understand the ad-vantages
Handling post connection scenarios properly / Using Meterpreter.
Review Meterpreter commands
Test Meterpreter commands
Do further research
Accessing target computer files / Us-ing Meterpreter commands.
Download target’s password files
Execute a keylogger on the target ma-chine
Take a screenshot of the target machine
Sustaining the session when target reboots / Using local persistence.
Use msfconsole with session in background
Inject a new payload using local persistence
Listen for incoming connections
Writing a report for penetration test / Following a 3-step methodology.
Plan the report
Monitor resources
Understand the com-ponents of each
Writing the first draft of pen test re-port / Determining the contents.
Executive summary
Methodology
Detailed findings
Finalizing the pen test report / Fol-lowing the last step of the methodol-ogy.
Having it reviewed by seniors
Having plain simple language
Having a strong executive summary
Prepare yourself for common attacks, simulate real-world possibilities, and learn from test scenarios and case studies.
You'll carry out exploitations, build/port exploits of various kinds in Metasploit, find weaknesses in target systems, and hunt for vulnerabilities using Metasploit and its supporting tools. You'll master the latest security techniques and methods that can be directly applied to scan, test, hack, and secure networks and systems with Metasploit. Towards the end of the course, you will implement time-saving techniques using Metasploit.
By the end of the course, you will know how to fully protect your system using Metasploit, and will have gained the skills to carry out penetration testing in complex and highly-secured environments.
About the Author
Atil Samancioglu is a best-selling online instructor and has instructed more than 80,000 students on Ethical Hacking. Atil has trained more than 20.000 students on the following Ethical Hacking subjects: Kali Linux, Metasploit, metasploitable, social engineering, Nmap, Man-in-the-Middle attacks, MITM proxy, Beef, Wireshark, Maltego, SQL Injection, XSS, social media safety, VPN server creation, Meterpreter, Ettercap, WPA Enterprise. He currently works as eBusiness Team Leader in a multinational company.