Metasploit Pro Certified Specialist

Course Description

You don’t need to be an expert pen tester to identify security risks or confirm vulnerabilities with the aid of Metasploit Pro. Geared toward security professionals who have little to no Metasploit Pro and penetration testing experience, this two-day interactive class provides the necessary knowledge to jumpstart your use of the product.

For flexible and accessible learning, this course is offered both virtually and on-site at your facility. The virtual class is hosted remotely on a Rapid7 lab and features simulated exercises—including project creation, host discovery, service port and operating system identification, various exploitation methods, evidence collection, and report creation—against a set of target hosts. Customers who participate in on-site trainings will apply their learned skills in hands-on scenarios in their own environment.

All participants will have access to the Metasploit Pro Certified Specialist Exam as part of their training program; go from being the student to the master and leverage the knowledge gained from class to become certified.

What You'll Learn

Metasploit Pro

  • Product overview and key feature descriptions

Navigating the GUI

  • Intro and demonstration of the web interface (GUI)
  • Working with projects for penetration testing

Network Scanning

  • Active scanning
  • Network/device enumeration
  • Importing vulnerability scan data from other products

Exploitation Techniques

  • Gaining access to hosts using targeted exploits, automated exploitation, and brute-force attacks

Maintaining Access and Privilege Escalation

  • Alternative access techniques and privilege escalation methods, including client-side exploits, local system access, and persistence

Web Application Testing

  • Using Metasploit’s web application vulnerability scanning and exploitation capabilities

Social Engineering

  • Utilizing Metasploit Pro to simulate drive-by attacks and spear phishing in order to identify user awareness training gaps

Quick Start Wizards and MetaModules

  • Intro to built-in wizards (for quick penetration tests, web app testing, and campaigns)
  • Intro to MetaModules, which simplify testing by automating common, complicated security tests

Reporting

  • Standard and custom reporting of progress, results, and collected evidence
  • Data exports for archival or backups

Day 1

The first day of class provides an introduction to Metasploit Pro and focuses on key foundational knowledge upon which you will build throughout the course. Emphasis will be placed on the Metasploit Pro console, project workflow, various modules and payloads, and exploitation techniques. You will gain practical, hands-on experience in the following areas:

  • Metasploit Pro Introduction
  • A Discussion of Workflow And Methodology
  • Navigating the GUI
  • Metasploit Tasks
  • Discovering Targets
  • Importing Scan Data
  • An Overview of Exploits Modules
  • Basic Exploitation Techniques
  • Password Brute Force Exploitation Technique
  • Pass-The-Hash Exploitation Technique
  • Pivot Attacks
  • An Overview of Payload Modules
  • An Overview of Command Shell/Meterpreter Payloads

Day 2

After mastering the knowledge and skills covered in Day 1, you will cover additional exploitation techniques, identification and exploitation of web application vulnerabilities, social engineering campaigns, and report generation. Day 2 will be comprised of the following:

  • Post-Exploitation Techniques
  • Maintaining Access and Privilege Escalation
  • Web Application Testing/Exploitation
  • Social Engineering Campaigns
  • Quick Start Wizards, Task Chains and MetaModules
  • Reporting

Prerequisites

Ideally, attendees should have the following:

  • Experience with Windows® and Linux Operating Systems
  • Basic knowledge of network protocols
  • Basic vulnerability management system knowledge
  • Knowledge of penetration testing concepts

Cost

Open-enrollment class - $2,000 per student

Dedicated class (Remote or Onsite) - $7,000 per course plus travel & expenses, up to 5 attendees

Applicable CPEs: 16

Training Registration
Metasploit Pro Certified Specialist

Payment will open in a new window.
By submitting your registration, you are agreeing to our terms and conditions and acknowledge that all trainings are non-refundable.
Please note that this transaction may take up to two business days to go through our verification process.

About Rapid7 Trainings
Take your security skills to the next level and get trained by Rapid7’s resident experts. Whether it be product training or penetration test training, our industry veterans are ready to propel you to the top of your game with essential, hands-on curricula that will help you maximize your skills and resources to help you stay a step (or two) ahead of attackers. To make learning even more accessible, most of our courses are offered in our virtual classroom or on-site at your facility. Even better? Our courses offer 16 to 24 CPE credits upon completion.
Related Courses
Application Assault Certified Training
Network Assault Certified Training
Nexpose Certified Administrator
View All Trainings