
This video will give you an overview of the course.
In this video, you will get to know the fundamentals of Metasploit.
Understand the fundamentals
Learn the important MSF console commands.
Go through the database commands
Understand the Help commands
Console and core commands
The benefits of using Metasploit.
Understand the benefits of using Metasploit for a penetration test
In this video, we will be performing a complete penetration test with Metasploit.
Perform scanning
Understand exploitation
Learn how to scan for FTP services.
Go through console commands
Go through the FTP module
Perform scanning
Learn how to scan for MSSQL services.
Go through console commands
Understand the MSSQL module
Perform scanning
Learn how to scan for HTTP services.
Go through console commands
Understand the HTTP module
Perform scanning
Learn how to install Metasploitable2.
Download Metasploitable2
Install Metasploitable2
Log in
Learn how to exploit FTP services.
Go through console commands
Understand exploitation
See how to exploit browsers.
Go through console commands
Understand the module
Understand exploitation
Learn how to exploit Android devices with Metasploit.
Go through console commands
Generate payloads
Understand exploitation
Perform post-exploitation with Meterpreter.
Explore the commands
Go through directory traversal
Obtain password hashes.
Go through Meterpreter commands
Obtain password hashes
Learn how to perform privilege escalation with Meterpreter.
Understand privilege escalation commands
Explore the libraries
Perform information gathering with Nmap and Metasploit.
Understand Nmap commands
Service fingerprinting
Perform exploitation with Metasploit.
Perform module selection
Learn how to spawn a tty shell.
Go through Python spawning
Understand shell commands
This video gives an overview of the entire course.
Metasploit is essentially a robust and versatile penetration testing framework. It can literally perform all tasks that are involved in a penetration testing life cycle. Also, since it's a complete framework and not just an application, it can be customized and extended as per our requirements.
Understand Metasploit
See phases of penetration testing life cycle
Metasploit can be made even more useful if integrated with some other tools. Few tools complement Metasploit's capability to perform more precise penetration on the target system.
Look at Nessus
See Nmap
Explore Armitage
Kali Linux requires no installation. Metasploit comes pre-installed with the Kali Virtual machine. All the supporting tools also come pre-installed with the Kali Virtual Machine. Save time and effort in setting up Metasploit and other supporting tools individually.
Download the Kali Linux virtual machine
Extract it from zip file
Open the terminal and type msfconsole
Metasploit Framework can be easily installed on a Windows based operating system. However, Windows is usually not the platform of choice for deploying Metasploit Framework, the reason being, that many of the supporting tools and utilities are not available for Windows platform. Hence it's strongly recommended to install the Metasploit Framework on Linux platform.
Download the latest Metasploit Windows installer
Type msfconsole and hit Enter
Open a terminal window and type
Metasploit is a powerful penetration testing framework which, if not used in a controlled manner, can cause potential damage to the target system. For the sake of learning and practicing Metasploit, we can certainly not use it on any live production system for which we don't have any authorized permission.
Extract Metasploitable virtual machine from the zip file to any location
Select the amount of memory allocated to the Virtual machine
Select the view tab and choose full screen mode
The best way to learn the structure of Metasploit is to browse through its directory. When using a Kali Linux. The Metasploit Framework has a very clear and well-defined structure, and the tools/utilities within the framework are organized based on their relevance in various phases of the penetration testing life cycle. The Metasploit Framework has various component categories based on their role in the penetration testing phases.
Look at the anatomy of Metasploit
Explore Auxiliaries
See Exploits
The msfconsole is nothing but a simple command-line interface of the Metasploit Framework. Though msfconsole may appear a bit complex initially, it is the easiest and most flexible way to interact with the Metasploit Framework.
Look at the banner command
See version command
Explore route command
For most exploits that we use within the Metasploit Framework, we need to set values to some of the variables. The Metasploit Framework is commercially backed by Rapid 7 and has a very active development community.
Look at the get command
Understand getg command
Explore msfupdate utility
In this section, we'll explore various auxiliary modules within the Metasploit Framework that can be effectively used for information gathering and enumeration of various protocols such as TCP, UDP, FTP, SMB, SMTP, HTTP, SSH, DNS, and RDP. For each of these protocols, you will learn multiple auxiliary modules along with the necessary variable configurations.
Use its auxiliary module for various protocols
Set the parameters
Run the command
Password sniffing is a special type of auxiliary module that listens on the network interface and looks for passwords sent over various protocols such as FTP, IMAP, POP3, and SMB. Shodan is an advanced search engine that is used to search for internet connected devices such as webcams and SCADA systems.
Use its auxiliary module
Run the module
Type username and password
NMAP, an acronym for Network Mapper, is an extremely advanced tool that can be used for the following purposes: Host discovery, Service detection, Version enumeration, Vulnerability scanning, Firewall testing and evasion.
Look at the switches and its purposes
Scan with Metasploit
Import Nmap
While performing such tasks, a lot of data is generated in some form or the other. From the framework perspective, it is essential to store all data safely so that it can be reused efficiently whenever required. By default, the Metasploit Framework uses PostgreSQL database at the backend to store and retrieve all the required information.
Look at the usage of the workspace
Import scans
Execute hosts and services commands
Nessus is a popular vulnerability assessment tool. Now, there are two alternatives of using Nessus with Metasploit, as follows: Perform a Nessus scan on the target system, save the report, and then import it into the Metasploit Framework using the db_import command.
Next is to Load, initiate, and trigger a Nessus scan on the target system directly through msfconsole.
Scan using Nessus from msfconsole
Launch the scan
Get list of hosts from a report
Previously, we used the MS08_067net api vulnerability in our target system and got complete administrator-level access to the system. Now, the exploit was successful only because the attacker's system and the target system both were on the same network. What if the network of attacker’s system and victim’s system were different?
Learn how to exploit the target system
Earlier, the Metasploit Framework offered two different utilities, namely, msfpayload and msfencode. The msfpayload was used to generate a payload in a specified format and the msfencode was used to encode and obfuscate the payload using various algorithms. However, the newer and the latest version of the Metasploit Framework has combined both of these utilities into a single utility called msfvenom.
Explore various lists
Set up the listener
Look at the VBA
Social engineering is an art of manipulating human behavior in order to bypass the security controls of the target system. Let's take the example of an organization, which follows very stringent security practices. All the systems are hardened and patched. The latest security software is deployed. Technically, it's very difficult for an attacker to find and exploit any vulnerability. However, the attacker somehow manages to befriend the network administrator of that organization and then tricks him to reveal the admin credentials. This is a classic example where humans are always the weakest link in the security chain.
Generate malicious PDF
Infect the media drives
We need to set up a test application environment in which we can fire our tests. As we know that metasploitable2 is a Linux distribution that is deliberately made vulnerable. It also contains web applications that are intentionally made vulnerable, and we can leverage this to practice using Metasploit's web scanning modules.
Configure the IP
Access it remotely from any web browser
WMAP is a powerful web application vulnerability scanner available in Kali Linux. It is integrated into the Metasploit Framework in the form of a plugin.
Load and initiate the WMAP in Metasploit Framework
Create new site for our scan
Add target URL to be scanned
We'll explore some additional auxiliary modules that can be effectively used for enumeration and scanning web applications.
Look at the Cert
See http_version module
We have already seen how to use the msfvenom utility to generate various payloads. However, these payloads if used as-is are most likely to be detected by antivirus programs. In order to avoid antivirus detection of our payload, we need to use encoders offered by the msfvenom utility.
Use Shikata_ga_nai encoder
Explore opt_sub encoder
Execute 7-zip compression utility
The forensic tools and techniques are well developed and matured to search, analyze, and preserve any digital evidence in case of a breach/fraud or an incident.
Explore timestomp
Execute clearev
Armitage is nothing but a GUI tool for performing and managing all the tasks that otherwise could have been performed through msfconsole. Armitage helps visualize the targets, automatically recommends suitable exploits, and exposes the advanced post-exploitation features in the framework.
Explore Armitage
Start the Armitage console
Now that we have added a target host to the Armitage console, we'll perform a quick port scan to see which ports are open here.
Perform the port scan
Perform NMAP scan
Previously, we added a host to the Armitage console and performed a port scan and enumeration on it using NMAP. Now, we know that it's running a Debian-based Linux system. The next step is to find all possible attacks matching our target host.
Select the Attacks menu and click on find Attacks
See the list of applicable exploits by right-clicking on the host
Select the attack type as PostgreSQL for Linux Payload Execution
Exploits can be of many different types. They can be classified based on various parameters such as platforms, architecture, and purpose served. Whenever any given vulnerability is discovered.
Learn about buffer overflow
Explore fuzzers
Let's consider that you have written an exploit code for a new zero-day vulnerability. Now, to include the exploit code officially into the Metasploit Framework, it has to be in a particular format. Fortunately, you just need to concentrate on the actual exploit code, and then simply use a template to insert it in the required format.
Understand exploit module skeleton
Look at Metasploit mixins in detail
New vulnerabilities across various applications and products are found on a daily basis. For most newly found vulnerabilities, an exploit code is also made public. Now, the exploit code is quite often in a raw format and not readily usable. Also, it might take some time before the exploit is officially made available as a module within the Metasploit Framework. However, we can manually add an external exploit module in the Metasploit Framework and use it like any other existing exploit module.
Download the MS17-010 module
Start msfconsole and issue a reload_all command
Use the use exploit command
This video provides an overview of the entire course.
In this video, we will learn the basics of Metasploit.
Explore the Metasploit framework
Learn the Metasploit architecture
Explanation of Metasploit components
Get an understanding of various commands.
Explore Msfconsole to initialize Metasploit
Learn about Msfcli to add exploits
Explore Msfencode for encoding techniques
This video will help you learn about Exploit and Auxiliary
Explore information about Exploit
Learn about Auxiliary
Explanation of terminologies
This video aims to go through the installation process of VMware.
Learn about VMware
Download VMware
Install VMware
In this video, we will try to understand what linear and logistic regressionareandthe basic building blocks of neural networks with
Learn about the Kali Linux OS.
Download Kali Linux
Install Kali Linux
This video will help you download and install Windows.
Learn about the Windows OS.
Download Windows
Install Windows
In this video, you will learn information gathering.
Explore the web information gathering technique
Learn the network information gathering technique
This video will help you learn about port scanning.
Explore listing port scanning profiles
Explanation about scanning profiles
In this video, you will learn port scanning using Nmap.
Learn about the Nmap tool
Explore Nmap commands
An explanation of Nmap tools
In this video, you will learn various metasploit scanner scripts.
Learn about Metasploit port scanners
Explore the use of port scanners
Perform port scanning
In this video, you will learn about vulnerability scanning.
Explore vulnerability scanning
Learn about vulnerability scanning phases
Explanation of the vulnerability scanning process
This video focuses on the installation of Nessus.
Learn about Nessus
Download Nessus
Install Nessus
In this video, you will learn to use Nessus in Metasploit.
Connect Metasploit with Nessus
Explore various Nessus commands
Report creation
This video will cover web scanning.
Learn about web scanning
Use of Wmap commands
Explanation of commands
This video will help you learn about Router Pentesting.
Overview of Router Pentesting
Learn from a scenario
Explanation
In this video, you will learn about exploiting Windows.
About Windows exploitation
Transfer malicious payload
Get a meterpreter session
This video will help you learn about web exploitation.
About web exploitation
sqlmap tool commands
Explanation of sqlmap commands
In this video, you will learn about network exploitation.
Explore network exploitation
Set up FTP
Perform brute-force using the Hydra tool
This video will help you learn about post- exploitation.
Explore post- exploitation
In this video, you will learn about Meterpreter commands.
Explore a Meterpreter session
Learn various Meterpreter commands
Explanation of Meterpreter commands
In this video, you will learn about Meterpreter scripts.
Explore Meterpreter scripts
Make use of Meterpreter scripts
Explanation of various scripts
In this video, you will learn to perform privilege escalation.
Explore privilege escalation
Perform it using UAC exploit
Explanation of various commands
In this video, you will learn to perform client-side attacks.
Explore client-side attacks
Installation of the framework
Exploit the target system
In this video, you will learn to encode payload.
Explore MSFencode
Encode the payload
Perform exploitation
In this video, you will learn about social engineering.
Get overview of social engineering attacks
SET tool overview
Explanation of social engineering attacks
In this video, you will learn to perform social engineering using SET.
Get an overview of the social engineering toolkit
Generate a payload
Perform exploitation
Metasploit is a popular penetration testing framework and has one of the largest exploit databases around. It is also called as playground for hackers where they demonstrate their skill by protecting or damaging the target. So if you wish to to carry out elementary penetration testing in highly secured environments then, this course is for you!
With this easy to digest practical guide to Metasploit, you will first learn how to correctly configure Metasploit & how to troubleshoot potential errors, as well as scan the different services to identify vulnerabilities. Then you will learn to find weaknesses in the target system and hunt for vulnerabilities using Metasploit and its supporting tools. Along with this, learn how hackers use the network to gain access to different systems. Moving on, you will gain deep knowledge about web application security scanning and bypassing anti-virus and clearing traces on the target system post-compromise. Finally, you'll explore how exploits and payloads work together to gain access to systems.
By end of this course you will be able to use Metasploit to quickly assess the security structure of systems and networks to reduce risk.
Contents and Overview
This training program includes 2 complete courses, carefully chosen to give you the most comprehensive training possible.
The first course, Beginning Metasploit teaches you the practical implementation of Metasploit. Each section will get you started with Metasploit by enumerating available services, identifying potential weaknesses, and testing vulnerabilities through exploitation. The course will show you how to correctly configure Metasploit and how to troubleshoot potential errors. You will scan the different services to identify vulnerabilities. Finally, you will explore sophisticated, real-world scenarios where performing penetration tests is a challenge.
The second course, Learning Metasploit will begin by introducing you to Metasploit and its functionality. Next, you will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components used by Metasploit. Further, in the video, you will learn how to find weaknesses in the target system and hunt for vulnerabilities using Metasploit and its supporting tools. Next, you'll get hands-on experience carrying out client-side attacks. Moving on, you'll learn about web application security scanning and bypassing anti-virus and clearing traces on the target system post-compromise. This video will also keep you updated with the latest security techniques and methods that can be directly applied to scan, test, hack, and secure networks and systems with Metasploit. By the end of this course, you'll get the hang of bypassing different defences, after which you'll learn how hackers use the network to gain access to different systems.
The third course, Hands-On Penetration Testing with Metasploit will help you explore several supporting tools on Kali Linux. Next, you'll explore how exploits and payloads work together to gain access to systems. Finally, you'll learn how Metasploit Framework works. By the end of this course, you'll have a better understanding of how to use Metasploit to quickly assess the security posture of systems and networks to reduce the risk of attack.
About the Authors:
Alexis Ahmed is an experienced Ethical Hacker and Cyber Security Expert with over 6 years' experience, He also develops Android apps and games in his free time. In addition, he is also a Web Developer with over 4 years' experience and he loves creating beautiful and functional websites for clients all over the world. He also has a YouTube channel with over 60,000 subscribers (and more than 2 million views!) where he makes videos on Ethical Hacking, Linux, and programming.
Sagar Rahalkar is a seasoned information security professional having more than 10 years of comprehensive experience in various verticals of IS. His domain expertise is mainly into breach detection, cybercrime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, IT GRC, and much more. He holds a master’s degree in computer science and several industry-recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM certified Specialist-Rational AppScan, Certified Information Security Manager (CISM), and PRINCE2. He has been closely associated with Indian law enforcement agencies for more than 3 years dealing with digital crime investigations and related training and received several awards and appreciation from senior officials of the police and defence organizations in India. Sagar has also been a reviewer and author for various books and online publications
Sunil Gupta;He is a Certified Ethical Hacker. Currently he teaches 50,000+ students online in 150+ countries. He is a specialist in the Ethical Hacking and Cyber Security areas. Author strengths – Vulnerability Assessment, Penetration Testing, Intrusion Detection, Risk Identification, Data Analysis, Report and Briefing.