ABILITIES INC - METASPLOIT BASICS

EGYPT & MUBIX | July 22-23



Overview

Egypt and Mubix have combined their knowledge of the innards of the Metasploit Framework and Adversarial Red Teaming practices to introduce on attacking your networks. Covering everything from getting Metasploit up and running and exploiting your first targets to gaining persistence and owning a whole networking without breaking a sweat.

Course Syllabus:

Day 1:
  • Concepts and Tools
  • Attacker Decision Making
  • Getting Metasploit Installed and Setup
  • Internals of Metasploit
  • Enumeration of Targets
  • Exploiting the LAN

Day 2:
  • Exploiting Windows Hosts
  • Exploiting Linux Hosts
  • Exploiting Web Servers
  • Post Exploitation

Who Should Take this Course

IT Admins, CERT analysts, Forensicators, CEO/CSO/CFOs

Student Requirements

  • Basic understanding of Metasploit
  • TCP/IP basics
  • Network configuration in Windows and Linux / OSX

What Students Should Bring

  • Laptop running Linux or OSX (With 20 GB minimum free space)
  • Virtualization software capable of
  • running VMDKs
  • A fresh Kali Linux VM, and a Windows 7 VM
  • Latest version of Burp Suite - (Free or Pro)
  • A text editor you are comfortable writing code in (instructors recommend Sublime Text 2 or Vim)
  • Metasploitable2 VM downloaded and functional: http://sourceforge.net/projects/metasploitable/files/Metasploitable2/

Setup instructions will be sent to the student prior to the class.

What Students Will Be Provided With

Course Materials and access to the Metasploit Basics wiki

Trainers

Rob Fuller (Mubix) has over 11 years of experience covering all facets of information security. He has been behind the lines helping to design, build, and defend the US Marine Corps, US Senate, and Pentagon networks - as well as performing penetration tests and Red Team assessments against those same networks. More recently, Rob has performed numerous successful Red Team assessments against commercial Fortune 50 companies representing some of the best defensive teams in the industry. Rob's experience and expertise ranges from embedded and wireless devices in industrial control system networks to standard corporate IT infrastructures and domains. He is a frequent speaker at a number of well-known security conferences, including ShmooCon, DefCon, DerbyCon, CarolinaCon, Area41, RVASec, and HackCon; and teaches both the Metasploit Basics and Mastery classes at BlackHat USA. He has also served as a technical advisor for HBO's show Silicon Valley and hosts his own show called "Metasploit Minute" for Hak5 (Discovery Channel). Rob has acquired a number of certifications and awards over the years, but the ones he holds above the rest are father, husband, and United States Marine

Egypt (James Lee) is a software developer for Rapid7 where he is a core developer for the Metasploit Framework. Before devoting all his time to Metasploit, he was a Cybersecurity researcher for Idaho National Laboratory where he discovered numerous vulnerabilities in SCADA and Industrial Control Systems. Egypt has presented at DefCon, BSidesLV, Black Hat, Derbycon and other venues. Note that Egypt is not Egypt. The two can be distinguished easily by their relative beards - Egypt has millions, while Egypt only has the one.