Gaining access with Metasploit

Get ready to launch exploitations against Windows and Linux!
1 hour, 44 minutes 5 videos

Course description

This is where the fun begins! This course will build upon the previous two and cover active exploitation of Windows and Linux targets, using Metasploit. We will compromise systems, capture credentials and password representations (hashes) and crack them using hashcat, all from within the Metasploit framework.


Password cracking with Metasploit

Video - 00:10:00

Cracking password hashes (representations) saved in the database via built-in Metasploit functionality.
Phishing and social engineering with Metasploit

Video - 00:25:00

Using Metasploit to create malicious documents and using a social engineering attack to phish user credentials from unsuspecting Windows users.
Exploiting Linux with Metasploit

Video - 00:16:00

How to use Metasploit to gain remote access to Linux targets, collect credentials and crack password hashes all within the framework.
Exploiting Windows with Metasploit

Video - 00:18:00

How to use Metasploit to gain remote access to a Windows target, collect credentials and crack password hashes.
Gaining access with Metasploit overview

Video - 00:04:00

We cover how to use exploits to compromise a vulnerable system and how to collect password hashes and crack them to reveal the plain-text password, all within the Metasploit framework.
Penetration Testing with Metasploit - 3 - Gaining Access Lab

Lab - 00:30:00

Welcome to Lab 3. Gaining access with Metasploit.In this lab, students will learn how to use the Metasploit Framework to compromise Windows and Linux systems by exploiting software vulnerabilities and system misconfigurations, all from within the framework.- We will set up our database by placing all the database setup commands in a script.- Create a workspace for lab3 to keep your data organized.- We will use db_nmap to portscan targets and automatically update our database of hosts, services, and vulnerabilities as we go.- We will enumerate our Linux and Windows targets and research potential avenues of attack based on the information added to the database.- We will identify a software vulnerability and search Metasploit for an exploit that we can use to compromise the target and obtain remote command shell access.- We will also gain access to Linux and Windows targets by exploiting weak password policies and gain access without the use of any remote code execution exploits, as in the real world, this is a far more likely scenario you will encounter.
Pentesting in metasploit course 3 assessment

Assessment - 6 questions

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Award-winning training you can trust