What to bring:

Students will need a laptop capable of running Metasploit 3.2 and VMWare Player, Server, or Workstation.
Students should have working knowledge of Microsoft Windows and at least one Unix-like operating systems (Linux, Solaris, Mac OS X, etc).
Students should have some experience with one or more scripting language, such as Ruby, Perl, Python, or PHP. Students should also be familiar with TCP/IP networking and be comfortable configuring TCP/IP settings on Unix and Windows platforms.

Recommendations

A laptop running a recent version of Linux, BSD, or Mac OS X
Experience using the Metasploit Framework
Experience with exploits and vulnerability assessment tools
Experience with the Ruby programming language
Experience with low-level TCP/IP tools (nmap, hping, wireshark)

Black Hat USA 2009 Weekend Training Session

July 25-26

Mastering the Metasploit Framework

HD Moore, MetaSploit

Overview:

Penetration testing is often a contest between an attacker of limited resources and a target with signficant defenses and capabilities. Security tools, including the Metasploit Framework, are designed to extend the capabilities of a single attacker and gain access where none is provided. This course dives into the newest features of the Metasploit Framework and demonstrates how to use these features in every aspect of a penetration test. Students will learn how to create custom modules to solve specific tasks, launch wide-scale client-side attacks, operate a malicious wireless access point, generate custom backdoors, bypass intrusion prevention systems, automate the post-exploitation process, and much more. The course is split between hands-on labs and lectures, with a focus on practical techniques that have proven successful in the real world.

Prerequisites:

Students will need a laptop capable of running Metasploit 3.2 and VMWare Player, Server, or Workstation. Students should have working knowledge of Microsoft Windows and at least one Unix-like operating systems (Linux, Solaris, Mac OS X, etc). Students should have some experience with one or more scripting language, such as Ruby, Perl, Python, or PHP. Students should also be familiar with TCP/IP networking and be comfortable configuring TCP/IP settings on Unix and Windows platforms.

Trainers:

HD Moore

is the director of security research at BreakingPoint Systems, where he focuses on the content and security testing features of the BreakingPoint product line. Prior to BreakingPoint, HD spent seven years providing vulnerability assessments, leading penetration tests, and developing exploit code. HD is the founder of the Metasploit Project and one of the core developers of the Metasploit Framework, the leading open-source exploit development platform. In his spare time, HD searches for new vulnerabilities, develops security tools, and contributes to open-source security projects.