Penetration Testing With the Metasploit Framework

An essential requirement for protecting any organization's computer and network systems from adversarial attack is finding the vulnerabilities in those systems before the bad guys do. In this course, cybersecurity expert Ric Messier shows you how to use Metasploit, the open source, multi-platform (Linux, Windows, Mac OS) exploit framework deployed by systems administrators and security engineers everywhere to spot those vulnerabilities.

You'll learn how to download, install, and configure the software; how to extend Metasploit; how to perform system reconnaissance and vulnerability identification missions; how to use exploits; and the basics of social engineering attacks, such as phishing and site cloning.

• Learn to perform basic network and system security scans using Metasploit
• Understand Metasploit's command line, graphical, and web interfaces
• Survey reconnaissance techniques like Nmap scanning, SYN scanning, and service scanning
• Explore vulnerability identification practices like SMB and VNC open service scanning
• Learn to use the exploits in Metasploit to attack systems and identify system vulnerability
• See how to develop custom security functions using Ruby scripts
• Explore phishing attacks, site cloning, and more

Ric Messier (GCIH, GSEC, CEH, CISSP) directs the Cybersecurity & Digital Forensic Programs at Champlain College in Burlington, Vermont. He also runs the private security firm WasHere Consulting and is a Senior Consultant with the security firm IP Architects, LLC. He holds a Masters of Digital Forensic Science from Champlain College and a Ph.D. in Information Assurance and Security from Capella University. Ric is the author of 16 O'Reilly titles, including "Introduction to Penetration Testing", "Learning Linux Security", and "Introduction to Wireshark".