Gaining access with MetasploitGet ready to launch exploitations against Windows and Linux!
Course descriptionThis is where the fun begins! This course will build upon the previous two and cover active exploitation of Windows and Linux targets, using Metasploit. We will compromise systems, capture credentials and password representations (hashes) and crack them using hashcat, all from within the Metasploit framework.
Password cracking with Metasploit
Video - 00:10:00
Cracking password hashes (representations) saved in the database via built-in Metasploit functionality.
Phishing and social engineering with Metasploit
Video - 00:25:00
Using Metasploit to create malicious documents and using a social engineering attack to phish user credentials from unsuspecting Windows users.
Exploiting Linux with Metasploit
Video - 00:16:00
How to use Metasploit to gain remote access to Linux targets, collect credentials and crack password hashes all within the framework.
Exploiting Windows with Metasploit
Video - 00:18:00
How to use Metasploit to gain remote access to a Windows target, collect credentials and crack password hashes.
Gaining access with Metasploit overview
Video - 00:04:00
We cover how to use exploits to compromise a vulnerable system and how to collect password hashes and crack them to reveal the plain-text password, all within the Metasploit framework.
Penetration Testing with Metasploit - 3 - Gaining Access Lab
Lab - 00:30:00
Welcome to Lab 3. Gaining access with Metasploit.In this lab, students will learn how to use the Metasploit Framework to compromise Windows and Linux systems by exploiting software vulnerabilities and system misconfigurations, all from within the framework.- We will set up our database by placing all the database setup commands in a script.- Create a workspace for lab3 to keep your data organized.- We will use db_nmap to portscan targets and automatically update our database of hosts, services, and vulnerabilities as we go.- We will enumerate our Linux and Windows targets and research potential avenues of attack based on the information added to the database.- We will identify a software vulnerability and search Metasploit for an exploit that we can use to compromise the target and obtain remote command shell access.- We will also gain access to Linux and Windows targets by exploiting weak password policies and gain access without the use of any remote code execution exploits, as in the real world, this is a far more likely scenario you will encounter.
Pentesting in metasploit course 3 assessment
Assessment - 6 questions
Plans & pricing
- Team administration and reporting
- Dedicated client success manager
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps