Practice Your First Penetration Test: Kali & Metasploit Lab
4.4 (431 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
11,549 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Practice Your First Penetration Test: Kali & Metasploit Lab to your Wishlist.

Add to Wishlist

Practice Your First Penetration Test: Kali & Metasploit Lab

Learn ethical hacking with Kali in your own lab, scan targets with Nmap and exploit victims with metasploit!
Best Seller
4.4 (431 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
11,549 students enrolled
Last updated 5/2017
English [Auto-generated]
Current price: $10 Original price: $30 Discount: 67% off
5 hours left at this price!
30-Day Money-Back Guarantee
  • 3 hours on-demand video
  • 2 Articles
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Install and configure Kali Linux
  • Prepare virtual lab environment with Kali and victim machines
  • Scan networks with Nmap
  • Discover vulnerable applications
  • Exploit Linux and Windows servers with Metasploit
View Curriculum
  • Prepare your laptop with 50GB+ free space on disk

Learn the popular security tools and techniques that you will need to run penetration tests with the best ethical hacking distribution Kali, and the tools: Nmap and Metasploit.

Learn the Essential Techniques and Build a Strong Foundation in Penetration Testing in This Comprehensive Course From Scratch!

  • Set up ethical hacking environment with Kali
  • Prepare virtual victim environment to run your tests safely
  • Scan the targets with easy-to-use and affective commands in Nmap
  • Discover the vulnerabilities to hack into systems
  • Exploit the targets with Metasploit
  • Interact with payloads on victim machines 
  • Download documents, create remote users and take screen captures from exploited Linux and Windows servers.

Powerful Security Skills at Your Fingertips

Learning the fundamentals of ethical hacking puts a powerful and very useful skill at your fingertips. Kali, nmap and metasploit are free and easy to learn tools from beginner to advanced penetration testing operations.

Jobs in penetration testing positions are plentiful and companies are constantly looking for cyber security professionals who have practical-hands on experience on Kali and Metasploit. Experts from the IT industry are also looking for simple yet effective solutions to keep their systems secure.

This course is perfect for anyone seeking to provide safe and secure IT systems with implementing ethical hacking and penetration testing solutions.

Contents and Overview

Suitable for beginners in cyber security, through this course of 45+ lectures and 3 hours of video content, you will learn all the details about setting up and using Kali Linux Distribution and establish a strong understanding of the process behind a professional penetration test. 

This course starts with introducing basic - yet very important aspects of ethical hacking. After this quick summary, you will find yourself already practicing how to setup a penetration testing platform with Kali and victim machines, which you can use in your professional life.

Right after deploying the systems, you will immediately start scanning the target environment, which consists of 1 intentionally vulnerable Linux distribution and 1 Windows 7.

After completing scanning operations, you will learn the famous hacking framework Metasploit with all important options, by practicing against victim machines. And finally, you will be able to exploit and remotely access to Linux and Windows machines, where you will practice ethical hacking skills like downloading documents and gaining passwords, with leveraging advanced payloads like meterpreter.

Upon completion, you will learn how to prepare your ethical hacking environment with Kali, scan network segments per your needs, discover vulnerabilities, exploit victims and gain remote access to compromised machines.

What are the requirements?

  • A willingness to learn and an open mind
  • Basic understanding of how computers work
  • Some linux and network experience is a plus

What am I going to get from this course?

  • By the end of this course, you will be able to prepare your hacking environment and start using Kali
  • You will have the ability to scan networks to detect open ports and services
  • You will discover vulnerabilities by comparing your nmap scan results and related metasploit modules
  • You will exploit vulnerable application with metasploit modules
  • You will access compromised servers and run commands remotely

What is the target audience?

  • College students and professionals from technical domains
  • IT enthusiasts or entrepreneurs
  • Anyone interested in exploring a new domain from scratch
Who is the target audience?
  • This Penetration Testing course is for newbies who has none or limited experience on ethical hacking
  • The course is also very useful for professionals in this domain who is looking for a quick refresher
Students Who Viewed This Course Also Viewed
Curriculum For This Course
48 Lectures
Introduction and Welcome!
3 Lectures 05:03

You will learn some descriptions about the course and the lecturer in this lecture

Preview 02:03

Section details and the composition of course content will be introduced

Course Content

In this lecture, you will hear 2 very important notes about the course: How to stay on the legal side, and how to benefit from the course in full.


Use your power with caution
1 question

Make it crystal-clear
1 question
Introduction to Pentesting and Kali
5 Lectures 09:07

Some basic information about pentesting and ethical hacking.

This lecture is slightly theoratical, but you will learn about the importance of penetration testing and ethical hacking in the world of cyber security.

You will also learn the difference between penetration testing and ethical hacking.

So, what is pentesting?

Introducing types of pentests and pentesting process.

In this lecture, you will learn the most common and useful approaches for pentesting process which contains:

Planning, Reconnaissance, Scanning, Exploiting, Privilege Escalation, Cleaning-Up, Reporting

And also the types of pentests, such as; 

External Network Segment, Internal Network Segment, Web Applications and Services, Wireless networks, 
Servers, Network Devices, Databases, Internal Client Applications, Social Engineering, DDoS and Physical Security

Preview 03:08

Phases and Scope Summary

What is Kali and the reason we use it?

Kali is a penetration testing platform which is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. You will learn the reasoning behind the importance of Kali and why do we use it.

Lets Talk About Kali

Wrapping up the section.

Penetration testing it is about finding and exploiting vulnerabilities in systems to see the risk of a real compromise, before that happens. Thats why it is important for securing the networks and systems.

Section 2: Wrap Up!

Penetration Testing and Ethical Hacking
2 questions
Installing Lab Environment
8 Lectures 23:40

The importance of working on a virtual lab.

You will be setting up your lab and get ready for action in this section!

The good side of this part is, when you've successfully completed the steps I will walk you through, you will have a cyber security lab for your future, real-world tasks, too. 

Preview 01:14

Download List

How and where to download required tools: Kali, VMware Workstation Player, Metasploitable and Windows 7.

You will the sites which you can download the tools directly.

Downloading Kali, Vmware Workstation, Metasploitable, Windows 7

Steps of installing VMware player.

VMware workstation player is very important for virtual systems. In this lecture, You will learn how to install your vmware player.

Installing VMware Player

Steps of installing Kali.

Starting from booting the Kali ISO in VMware Player, you will learn how to install Kali step-by-step.

Installing Kali

Steps of installing metasploitable, which is an intentionally vulnerable linux distribution.

As we need practical skills, we need victim for hands on exercises. You will learn how to install metasploitable with me, in order to achieve this goal.

Installing Metasploitable

Steps of installing Windows 7 as a victim environment.

Windows is the prominent OS in modern computer systems today. Attacking windows is crucial for that very reason.

In this lecture, you will learn how to install Windows 7 as your target.

Installing Windows 7

Wrapping up the section.

You will notice that you already have the environment almostt ready by completing this section.

Section 3: Wrap Up!

Installing Lab Environment
2 questions
Working with Kali
5 Lectures 21:06

Playing with the interface and accessing required settings using Kali.

Starting with the system settings and basic operations like booting or locking Kali, you will learn to find out tools and folders in this lecture.

Kali Desktop Interface and Menus

Upgrade the system to the latest version over Internet.

You will learn how to use apt-get update and apt-get upgrade commands to update your Kali system.

Updating and Upgrading Kali

Installing a very useful component to Kali: Vmtools.

Learn how to install vmtools, which is an important set of tools provided from vmware, that enables our virtual operating system to perform significantly faster for graphics performance, to support shared folders with host OS, and to support drag and drop operations.

Installing VM Tools

How to start and use the top 10 tools in Kali, like nmap, iceweasel, metasploit, armitage, burp suite, beef, maltego and faraday.

Essential Tools in Kali

Wrapping up the section.

You will learn the summary info about what you have achieved in this section about Kali.

Section 4: Wrap Up!

Working with Kali
2 questions
Configuring Victims
5 Lectures 21:32

The importance of practical lab environment and setting up the victims.

We will walk through how to setup metasploitable and Windows 7 as our pentesting targets in the upcoming lectures of this section.

We Need Victims!

Introducing metasploitable and preparing the distro for exploitation.

In this step-by-step hands on lecture, you will install metasploitable linux os with me.

Preparing Metasploitable

Introducing Windows 7 and preparing the OS as our victim.

You will deploy the Windows 7 operating system, with the network and language settings etc.

Good Old Friend Windows

Installing a vulnerable application to Windows machine in order to exploit the OS safely.

The vulnerable software will be downloaded from exploit-db, which is the primary resource for downloading public exploits and related vulnerable applications.

Making Windows Vulnerable

You will quickly refresh what you've achieved in this section!

Section 5: Wrap Up!

Victim Configuration
2 questions
Action Time with Nmap
7 Lectures 31:53

Scanning with Nmap using basic options.

You will learn basic port scanning techniques; ICMP echo request, SYN packet to TCP 443 port, ACK packet TCP 80 port, ICMP timestamp request. Also, you will see how to indicate network segments and ip addresses for scanning!

First Scan with Nmap

Port scanning details with TCP scan and SYN scan.

You will learn the different of TCP scan and SYN scan in this lecture!

Types of Port Scanning

Port scanning practice using Nmap with advanced options.

You will learn how to indicate ports for your nmap scans, as well as automatically scanning top used ports.

A sample command you'll use in this lecture:

nmap -n -sS -p 21,22,139,445,3389

Port Scanning Practice

Service and version detection features of Nmap, finding out the services running on the victim machines.

You will learn how to properly use the "-sV" switch for your tests!

Service and Version Detection

Nmap scanning speed options.

There are different scanning speeds ranging from T1 to T5 as nmap parameters. 

Follow this lecture and learn how the difference!

Let's Scan Faster!

Saving Nmap scan results using different formats.

You can save nmap scan results with "output" switches.

Learn the types of nmap outputs and save it to your disk!

Preview 05:56

Wrap up what you've achieved in this section! 

Nmap is a great tool, and you learnt the basic yet most important options in this part.

Section 6: Wrap Up!

Scanning with Nmap
4 questions
Exploitation with Metasploit
8 Lectures 34:59

Exploitation phase in a pentesting campaign.

Exploitation means taking advantage of computer systems by gaining control, allowing
priviliege escalation or a denial of service. 

You will learn the importance of the exploitation phase, and how are you going to use it!

Exploitation Basics

The modules of metasploit and starting up the application.

General overview of metasploit framework will be introduced here.  

Some of them are: PayloadsExploits, Encoders, Post-mods, Auxiliary.

You will also update the metasploit framework to get started with the newest modules!

The commands you'll use;

"apt-get dist-upgrade"

"apt-get install ruby"

Metasploit is THE Exploitation Framework

How to access metasploit modules and how to set parameters for exploitation.

You will practice how to find and open the modules, as well as the commands to set parameters to msf modules with e.g. "use" and "set"

Diving Into Metasploit

Introducing the metasploit database and importing previously saved nmap results to the database.

db_import is an important parameter which you can import nmap results to metasploit. 

Follow this lecture to learn the details!

Import Operations with MSF database

Exploiting a Samba vulnerability on the victim machine and get shell remotely!

This lecture is very exciting as you'll send an exploit to our victim machine and pwn it remotely!

The modules you'll use: exploit/multi/samba/usermap_script

Preview 06:19

Session backgrounding and remote operations on the victim.

You'll practice the new skills you learnt and exploit the victim again with using a different module: exploit/unix/irc/unreal_ircd_3281_backdoor

You will also practice the first command you'll run in the compromised server. e.g. 

"id" , "ifconfig", "pwd", and "uname -a"

And you'll be able to background msf sessions to interact with your metasploit console and continue hacking!

Let's Practice!

An advanced trick: Creating a remote SSH user on linux machines in limited shells.

In this lecture, you will practice some advanced stuff with me, and create a remote SSH user on the victim machine.

This will show some of the real life problems in a pentest and how to bypass them!

Creating Users Remotely in Limited Shells

You'll quickly refresh what you have achieved with metasploit in this section!

Section 7: Wrap Up!

Exploitation with Metasploit
3 questions
Windows Hacking and Meterpreter
5 Lectures 18:29

The importance of windows hacking and using meterpreter payload!

Meterpreter is more then a payload. It is stealhy, powerful and extensible which makes it
veryy easy for advanced features like collecting screencaptures, erasing evidence and downloading documents.

You will learn the details in this section.

Introduction to Windows Hacking

Scanning the Windows OS once more to find vulnerable service and ports.

You will learn the benefit of "db_nmap" command, and issue commands like;

db_nmap -A -T5

Advanced Windows Scanning

Exploiting the vulnerable application "Manage Engine Security  Manager Plus" and dropping an advanced payload: meterpreter.

You will practice what it is like to practice with meterpreter, and the options on this advanced payload.

Exploiting Windows 7

Using meterpreter for advanced features on the victim, and creating a remote Windows user.

You will first practice meterpreter commands and also backgrounding your msf sessions.

Then, you will create a user remotely on the victim which enables you to login to that server, directly!

The Power of Metasploit: Meterpreter

Wrapping up the section of hacking Windows 7 with an advanced payload: meterpreter.

Preview 01:04

Windows Hacking and Meterpreter
3 questions
Course Wrap Up and Final Notes
2 Lectures 01:30

Accomplished goals in the course!

Starting from the logic and reasoning behind why penetration testing is veryy important for information security world, you had chance to get started with the tools like Kali, nmap and metasploit.

Furthermore, you even hacked your first victims and got shell. This enables you to feel what it is like to conduct pentesting in real, productions systems.

First Step To Be a Professional Pentester, Completed!

I hope you found it useful, practical and enjoyable.

Please feel free to send your comments or questions about the course.

Keep in touch with FeltSecure!

Good Bye and See You Soon!
About the Instructor
FeltSecure Education Labs
4.4 Average rating
429 Reviews
11,549 Students
1 Course
10000+ Students

Frontier Education Labs and Technologies on Security, FeltSecure, is a cyber security education institution which focuses teaching IT security to anyone interested in cyber.

As a team of 10+ experienced security professionals, we provide e-learning courses and practical training services, along with the penetration testing and security auditing assistance for you.

Focusing on purely practical aspects, our mission is to cover security skills you need in your professional life!

Emin Caliskan
4.4 Average rating
429 Reviews
11,549 Students
1 Course
Cyber Security Lecturer & Online Trainer

I am a cyber security professional with almost 10 years of experience in system administration,database management, penetration testing, cyber security consulting and training.

 And for my academic background, I am a computer scientist and an industrial engineer.

I have a MSc degree on Information and Technology Law. I am in the final part of my PhD research which I am pursuing in TUT/Estonia, cyber security department.

Previously I was a researcher at Tallinn University of Technology and before that I was a member of NATO Cooperative Cyber Defence Center of Excellence in Estonia as the national representative from Turkey.

For the last 5 years, I was involved in national and international cyber security projects, mostly dealing with training and exercises.

Beyond that, I am a seasoned penetration tester with a special expertise on financial and governmental systems.

Some of the certificates I hold;

GIAC GXPN (Advanced Penetration Tester and Exploit Researcher)

GIAC GSNA (Systems and Network Auditor)

ISO 27001 Lead Auditor

I am currently living in London and I've recently founded my own startup here, which is called FeltSecure. Together with my colleagues and my co-founder, we aim to help both individuals and companies around the world to get prepared for cyber security challanges through online trainings and consultancy services.