SANS Course: Metasploit Kung Fu for Enterprise Pen Testing
Metasploit Kung Fu for PenetrationTesters is designed to help attendees master the most heavily used exploitation framework on the planet and see how they can wield it effectively in professional penetration testing. We analyze some of the most powerful and yet often overlooked capabilities of the framework with numerous exercises that make this class one of the most hands-on courses ever developed by SANS. Click here to register!
In SEC580.1, you will go from zero to exploit and beyond faster than you ever thought possible. For example, after this day of class, you will understand the Ruby foundations of Metasploit and how interacting with these underpinnings will greatly optimize and enhance your testing activities. Further, you will understand how far you can extend your exploitation activities through the effective use of some of the late-breaking features of the amazing Meterpreter. Finally, have you ever wondered how you can compromise an entire Domain from simple Windows system access? After this day you will know exactly how to achieve this kind of result. After all, shell is only the beginning.
Day One Topics:
- A Guided Overview of Metasploit's Architecture and Components
- A Deep Dive into the Msfconsole Interface, including Logging and Session Manipulation
- Careful and Effective Exploitation
- The Ultimate Payload: The Metasploit Meterpreter In Depth
- Merciless Pivoting: Routing Through Exploited Systems
- Metasploit Sniffing on Exploited Systems
- Windows Process Token Manipulation for Fun and Profit
- Metasploit's Integration into a Professional Testing Methodology
- Automation with Meterpreter Scripts to Achieve More in Less Time with Consistency
- It's Not All Exploits - Using Metasploit as a Recon Tool
- Port and Vulnerability Scanning with Metasploit, Including Integration with Nmap, Nessus, and Qualys
- Wielding Metasploit Databases for Analysis and Ownage
- Integrating Db_autopwn Functionality in Safe and Effective Penetration Testing
Please note that SANS Security 580 is a hands-on class with many labs. Please, review the laptop requirements before attending class!