On This Page

Abilities Inc - Metasploit Mastery Course

Rob "mubix" Fuller & James "egypt" Lee | August 3-4



Overview

Egypt and Mubix have combined their knowledge of the innards of the Metasploit Framework and Adversarial Red Teaming to introduce one of the most intense classes on attacking networks. Coverage on everything from hacking up your own plugins to owning a whole networking without drawing a single drop of buffer overflow blood. This surgical strike upon your frontal lobe will leave you whistling ruby and spurting root shellz from your veins.

Course Syllabus:

Day 1:
  • Setup, and capabilities demo
  • Ruby crash course
  • MSF Design and Architecture
  • Writing Auxiliary Modules
  • Writing Exploit Modules

Day 2:
  • Writing Post Exploitation Modules
  • Writing Plugins
  • Presence, Persistence, and Pivoting
  • Privilege Escalation
  • Bypassing Anti-Virus
  • Global Capture the Flag

Who Should Take this Course

Those looking to learn more about how to make Metasploit bend to their will.

Student Requirements

  • Basic understanding of Metasploit
  • TCP/IP basics
  • Network configuration in Windows and Linux/OSX
  • Experience with programming (Ruby preferred)

What Students Should Bring

  • Laptop running Linux or OSX (With 20 GB minimum free space)
  • Virtualization software capable of running VMDKs
  • A fresh Kali Linux VM, a Windows 7 VM and a Windows XP VM
  • Latest version of Burp Suite - (Free or Pro)
  • A text editor you are comfortable writing code in (instructors recommend Sublime Text 2 or Vim)
  • Metasploitable2 VM downloaded and functional: http://sourceforge.net/projects/metasploitable/files/Metasploitable2/

Setup instructions will be sent to the student prior to the class.

What Students Will Be Provided With

Course Materials and access to the Metasploit Mastery wiki

Trainers

Rob "Mubix" Fuller is a Senior Red Teamer. His professional experience starts from his time on active duty as United States Marine. He has worked with devices and software that run gambit in the security realm. He has a few certifications, but the titles that he holds above the rest is FATHER, HUSBAND and United States Marine.

James "Egypt" Lee is a software developer for Rapid7 where he is a core developer for the Metasploit Framework. Before devoting all his time to Metasploit, he was a Cybersecurity researcher for Idaho National Laboratory where he discovered numerous vulnerabilities in SCADA and Industrial Control Systems. Egypt has presented at DefCon, BSidesLV, Black Hat, Derbycon and other venues. Note that Egypt is not Egypt. The two can be distinguished easily by their relative beards - Egypt has millions, while Egypt only has the one.