Exploitation and Penetration Testing with Metasploit

Exploitation and Penetration Testing with Metasploit

本课程是 IBM Ethical Hacking with Open Source Tools 专业证书的一部分

位教师：IBM Skills Network Team

访问权限由 Coursera Learning Team 提供

3,411 人已注册

5个模块

深入了解一个主题并学习基础知识。

28 条评论

中级等级

推荐体验

2 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

5个模块

深入了解一个主题并学习基础知识。

28 条评论

中级等级

推荐体验

2 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

您将学到什么

Build job-ready skills using the Metasploit framework, its architecture, and capabilities, to effectively support penetration testing activities.
Perform reconnaissance, vulnerability assessment, exploit execution, and post-exploitation tasks using Metasploit.
Develop, modify, and execute exploits for real-world attack scenarios, including network, web application, and social engineering.
Document penetration testing findings, generate actionable reports, and provide recommendations for security improvements.

您将获得的技能

要了解的详细信息

可分享的证书

添加到您的领英档案

作业

14 项作业

授课语言：英语（English）

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

积累 Security 领域的专业知识

本课程是 IBM Ethical Hacking with Open Source Tools 专业证书专项课程的一部分

在注册此课程时，您还会同时注册此专业证书。

向行业专家学习新概念
获得对主题或工具的基础理解
通过实践项目培养工作相关技能
通过 IBM 获得可共享的职业证书

该课程共有5个模块

Metasploit is one of the best-known and most used cybersecurity technologies for penetration testing (Cyber Security News). This short course gives you the job-ready skills in exploitation techniques and penetration testing using Metasploit employers are looking for.

During the course, you’ll explore Metasploit’s core functionalities, gaining valuable hands-on experience in exercises that cover real-world exploitation scenarios, including network, system, and web application attacks. Plus, you’ll dive into post-exploitation tactics, persistence techniques, and attack simulations, building the skills you need for both ethical hacking and red teaming. By the end of the course, you’ll be able to conduct advanced penetration tests, execute sophisticated exploits, and understand the tactics used by attackers to compromise systems. Plus, you’ll be able to identify vulnerabilities and implement effective countermeasures to defend against these threats. If those are hands-on skills you want on your resume in 4 weeks’ time, enroll today!

In this module, you'll be introduced to the Metasploit Framework, covering its installation, interface, and the foundational concepts of exploitation. You'll learn how to set up Metasploit, identify key components like payloads and sessions, and perform basic exploitation tasks in a safe environment.

涵盖的内容

6个视频5篇阅读材料3个作业7个插件

6个视频总计35分钟

Course Introduction 4分钟
Professional Certificate Overview: Ethical Hacking Using Open-Source 5分钟
Introduction to Exploitation and Penetration Testing 6分钟
Navigating the Metasploit Console 8分钟
Kali Linux: Installation and Setup 6分钟
Overview of Payloads 7分钟

5篇阅读材料总计70分钟

Course Overview 3分钟
(Optional) Lab: Hardening Kali Linux - Part 1 40分钟
(Optional) Lab: Hardening Kali Linux - Part 2 20分钟
Summary and Highlights: Introduction to Metasploit and Exploitation Basics 3分钟
Summary and Highlights: Exploring the Metasploit Framework 4分钟

3个作业总计50分钟

Graded Quiz: Metasploit Setup and Core Exploitation Techniques 30分钟
Practice Quiz: Introduction to Metasploit and Exploitation Basics 10分钟
Practice Quiz: Exploring the Metasploit Framework 10分钟

7个插件总计55分钟

Reading: Helpful Tips for Course Completion 1分钟
Reading: History and Evolution of Metasploit 3分钟
Reading: Troubleshooting Common Installation Issues 3分钟
Reading: Types of Exploits in Metasploit 3分钟
Lab: Exploitation Basics With Metasploit 30分钟
Glossary: Metasploit Setup and Core Exploitation Techniques 5分钟
Cheat Sheet: Metasploit Setup and Core Exploitation Techniques 10分钟

In this module, you'll build on your foundational knowledge as you explore auxiliary modules, session handling, and the basics of exploit development. You'll simulate attacks, modify existing exploits, and apply fuzzing techniques to discover vulnerabilities, bridging theory with real-world offensive security tasks.

涵盖的内容

3个视频2篇阅读材料3个作业7个插件

3个视频总计22分钟

Understanding Auxiliary Modules 7分钟
Real-World Exploitation Walkthrough 6分钟
Exploit Development 9分钟

2篇阅读材料总计7分钟

Summary and Highlights: Exploring the Metasploit Auxiliary Modules 3分钟
Summary and Highlights: Exploit Development and Advanced Techniques 4分钟

3个作业总计50分钟

Graded Quiz: Exploit Development and Auxiliary Module Usage 30分钟
Practice Quiz: Exploring the Metasploit Auxiliary Modules 10分钟
Practice Quiz: Exploit Development and Advanced Techniques 10分钟

7个插件总计89分钟

Reading: Writing Basic Exploits in Metasploit 3分钟
Lab: Establish a Meterpreter Session 30分钟
Reading: Modify an Existing Exploit 7分钟
Reading: What Is Fuzzing? 4分钟
Lab: Perform a Fuzzing Test 30分钟
Glossary: Exploit Development and Auxiliary Module Usage 5分钟
Cheat Sheet: Exploit Development and Auxiliary Module Usage 10分钟

In this module, you will explore techniques attackers use after compromising a system, including privilege escalation, persistence mechanisms, evasion techniques, and network attack simulations.

涵盖的内容

6个视频3篇阅读材料4个作业6个插件

6个视频总计45分钟

Privilege Escalation Techniques 7分钟
Privilege Escalation in Windows and Linux 9分钟
Methods Attackers Use to Maintain Access 5分钟
Deploying Stealth Persistence 8分钟
Red Team versus Blue Team Exercises 9分钟
Simulating Network Attacks with Metasploit 7分钟

3篇阅读材料总计10分钟

Summary and Highlights: Privilege Escalation and Maintaining Access 4分钟
Summary and Highlights: Persistence and Evasion 3分钟
Summary and Highlights: Simulated Network Attacks 3分钟

4个作业总计60分钟

Graded Quiz: Post-Exploitation and Attack Simulations 30分钟
Practice Quiz: Privilege Escalation and Maintaining Access 10分钟
Practice Quiz: Persistence and Evasion 10分钟
Practice Quiz: Simulated Network Attacks 10分钟

6个插件总计128分钟

Lab: Exploiting a Privilege Escalation Vulnerability 40分钟
Reading: Case Study: SolarWinds Attack (Attacker's Methods) 3分钟
Lab: Persistence Tactics in Action 40分钟
Lab: Simulate a Network Breach 30分钟
Glossary: Post-Exploitation and Attack Simulations 5分钟
Cheat Sheet: Post-Exploitation and Attack Simulations 10分钟

In this module, you'll explore exploitation techniques that target web applications and human vulnerabilities. You'll learn how attackers compromise web apps, use phishing, and perform physical and USB-based attacks.

涵盖的内容

6个视频3篇阅读材料4个作业5个插件

6个视频总计40分钟

Exploiting Web Vulnerabilities 8分钟
Exploiting a Web Application with Metasploit 7分钟
Inside a Phishing Attack 6分钟
Phishing Kit Setup and Execution 7分钟
USB Drop Attacks and Their Impact 5分钟
USB Drop Attack Simulation 6分钟

3篇阅读材料总计12分钟

Summary and Highlights: Web Application Exploitation 3分钟
Summary and Highlights: Phishing and Credential Harvesting 5分钟
Summary and Highlights: USB and Physical Social Engineering Attacks 4分钟

4个作业总计60分钟

Graded Quiz: Web and Social Engineering Attacks 30分钟
Practice Quiz: Web Application Exploitation 10分钟
Practice Quiz: Phishing and Credential Harvesting 10分钟
Practice Quiz: USB and Physical Social Engineering Attacks 10分钟

5个插件总计55分钟

Lab: Perform a Web Application Attack 30分钟
Reading: Real-world Phishing Setup and Execution Example 3分钟
Reading: Simulate a Phishing Attack 7分钟
Glossary: Web and Social Engineering Attacks 5分钟
Cheat Sheet: Web and Social Engineering Attacks 10分钟

This module serves as the capstone for the course, where learners will apply all acquired skills to conduct a comprehensive penetration test using Metasploit.