Exploitation and Penetration Testing with Metasploit

Exploitation and Penetration Testing with Metasploit

This course is part of IBM Ethical Hacking with Open Source Tools Professional Certificate

Instructors: IBM Skills Network Team

Access provided by Cambia Health Solutions

3,452 already enrolled

5 modules

Gain insight into a topic and learn the fundamentals.

28 reviews

Intermediate level

Recommended experience

2 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

5 modules

Gain insight into a topic and learn the fundamentals.

28 reviews

Intermediate level

Recommended experience

2 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

Build job-ready skills using the Metasploit framework, its architecture, and capabilities, to effectively support penetration testing activities.
Perform reconnaissance, vulnerability assessment, exploit execution, and post-exploitation tasks using Metasploit.
Develop, modify, and execute exploits for real-world attack scenarios, including network, web application, and social engineering.
Document penetration testing findings, generate actionable reports, and provide recommendations for security improvements.

Skills you'll gain

Tools you'll learn

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

14 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your Security expertise

This course is part of the IBM Ethical Hacking with Open Source Tools Professional Certificate

When you enroll in this course, you'll also be enrolled in this Professional Certificate.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate from IBM

There are 5 modules in this course

Metasploit is one of the best-known and most used cybersecurity technologies for penetration testing (Cyber Security News). This short course gives you the job-ready skills in exploitation techniques and penetration testing using Metasploit employers are looking for.

During the course, you’ll explore Metasploit’s core functionalities, gaining valuable hands-on experience in exercises that cover real-world exploitation scenarios, including network, system, and web application attacks. Plus, you’ll dive into post-exploitation tactics, persistence techniques, and attack simulations, building the skills you need for both ethical hacking and red teaming. By the end of the course, you’ll be able to conduct advanced penetration tests, execute sophisticated exploits, and understand the tactics used by attackers to compromise systems. Plus, you’ll be able to identify vulnerabilities and implement effective countermeasures to defend against these threats. If those are hands-on skills you want on your resume in 4 weeks’ time, enroll today!

In this module, you'll be introduced to the Metasploit Framework, covering its installation, interface, and the foundational concepts of exploitation. You'll learn how to set up Metasploit, identify key components like payloads and sessions, and perform basic exploitation tasks in a safe environment.

What's included

6 videos5 readings3 assignments7 plugins

6 videos Total 35 minutes

Course Introduction 4 minutes
Professional Certificate Overview: Ethical Hacking Using Open-Source 5 minutes
Introduction to Exploitation and Penetration Testing 6 minutes
Navigating the Metasploit Console 8 minutes
Kali Linux: Installation and Setup 6 minutes
Overview of Payloads 7 minutes

5 readings Total 70 minutes

Course Overview 3 minutes
(Optional) Lab: Hardening Kali Linux - Part 1 40 minutes
(Optional) Lab: Hardening Kali Linux - Part 2 20 minutes
Summary and Highlights: Introduction to Metasploit and Exploitation Basics 3 minutes
Summary and Highlights: Exploring the Metasploit Framework 4 minutes

3 assignments Total 50 minutes

Practice Quiz: Introduction to Metasploit and Exploitation Basics 10 minutes
Practice Quiz: Exploring the Metasploit Framework 10 minutes
Graded Quiz: Metasploit Setup and Core Exploitation Techniques 30 minutes

7 plugins Total 55 minutes

Reading: Helpful Tips for Course Completion 1 minute
Reading: History and Evolution of Metasploit 3 minutes
Reading: Troubleshooting Common Installation Issues 3 minutes
Reading: Types of Exploits in Metasploit 3 minutes
Lab: Exploitation Basics With Metasploit 30 minutes
Glossary: Metasploit Setup and Core Exploitation Techniques 5 minutes
Cheat Sheet: Metasploit Setup and Core Exploitation Techniques 10 minutes

In this module, you'll build on your foundational knowledge as you explore auxiliary modules, session handling, and the basics of exploit development. You'll simulate attacks, modify existing exploits, and apply fuzzing techniques to discover vulnerabilities, bridging theory with real-world offensive security tasks.

What's included

3 videos2 readings3 assignments7 plugins

3 videos Total 22 minutes

Understanding Auxiliary Modules 7 minutes
Real-World Exploitation Walkthrough 6 minutes
Exploit Development 9 minutes

2 readings Total 7 minutes

Summary and Highlights: Exploring the Metasploit Auxiliary Modules 3 minutes
Summary and Highlights: Exploit Development and Advanced Techniques 4 minutes

3 assignments Total 50 minutes

Practice Quiz: Exploring the Metasploit Auxiliary Modules 10 minutes
Practice Quiz: Exploit Development and Advanced Techniques 10 minutes
Graded Quiz: Exploit Development and Auxiliary Module Usage 30 minutes

7 plugins Total 89 minutes

Reading: Writing Basic Exploits in Metasploit 3 minutes
Lab: Establish a Meterpreter Session 30 minutes
Reading: Modify an Existing Exploit 7 minutes
Reading: What Is Fuzzing? 4 minutes
Lab: Perform a Fuzzing Test 30 minutes
Glossary: Exploit Development and Auxiliary Module Usage 5 minutes
Cheat Sheet: Exploit Development and Auxiliary Module Usage 10 minutes

In this module, you will explore techniques attackers use after compromising a system, including privilege escalation, persistence mechanisms, evasion techniques, and network attack simulations.

What's included

6 videos3 readings4 assignments6 plugins

6 videos Total 45 minutes

Privilege Escalation Techniques 7 minutes
Privilege Escalation in Windows and Linux 9 minutes
Methods Attackers Use to Maintain Access 5 minutes
Deploying Stealth Persistence 8 minutes
Red Team versus Blue Team Exercises 9 minutes
Simulating Network Attacks with Metasploit 7 minutes

3 readings Total 10 minutes

Summary and Highlights: Privilege Escalation and Maintaining Access 4 minutes
Summary and Highlights: Persistence and Evasion 3 minutes
Summary and Highlights: Simulated Network Attacks 3 minutes

4 assignments Total 60 minutes

Practice Quiz: Privilege Escalation and Maintaining Access 10 minutes
Practice Quiz: Persistence and Evasion 10 minutes
Practice Quiz: Simulated Network Attacks 10 minutes
Graded Quiz: Post-Exploitation and Attack Simulations 30 minutes

6 plugins Total 128 minutes

Lab: Exploiting a Privilege Escalation Vulnerability 40 minutes
Reading: Case Study: SolarWinds Attack (Attacker's Methods) 3 minutes
Lab: Persistence Tactics in Action 40 minutes
Lab: Simulate a Network Breach 30 minutes
Glossary: Post-Exploitation and Attack Simulations 5 minutes
Cheat Sheet: Post-Exploitation and Attack Simulations 10 minutes

In this module, you'll explore exploitation techniques that target web applications and human vulnerabilities. You'll learn how attackers compromise web apps, use phishing, and perform physical and USB-based attacks.

What's included

6 videos3 readings4 assignments5 plugins

6 videos Total 40 minutes

Exploiting Web Vulnerabilities 8 minutes
Exploiting a Web Application with Metasploit 7 minutes
Inside a Phishing Attack 6 minutes
Phishing Kit Setup and Execution 7 minutes
USB Drop Attacks and Their Impact 5 minutes
USB Drop Attack Simulation 6 minutes

3 readings Total 12 minutes

Summary and Highlights: Web Application Exploitation 3 minutes
Summary and Highlights: Phishing and Credential Harvesting 5 minutes
Summary and Highlights: USB and Physical Social Engineering Attacks 4 minutes

4 assignments Total 60 minutes

Practice Quiz: Web Application Exploitation 10 minutes
Practice Quiz: Phishing and Credential Harvesting 10 minutes
Practice Quiz: USB and Physical Social Engineering Attacks 10 minutes
Graded Quiz: Web and Social Engineering Attacks 30 minutes

5 plugins Total 55 minutes

Lab: Perform a Web Application Attack 30 minutes
Reading: Real-world Phishing Setup and Execution Example 3 minutes
Reading: Simulate a Phishing Attack 7 minutes
Glossary: Web and Social Engineering Attacks 5 minutes
Cheat Sheet: Web and Social Engineering Attacks 10 minutes

This module serves as the capstone for the course, where learners will apply all acquired skills to conduct a comprehensive penetration test using Metasploit.