We may earn an affiliate commission when you visit our partners.
Course image
Emin Caliskan and FeltSecure Labs

Learn the Essential Techniques and Build a Strong Foundation in Penetration Testing in This Comprehensive Course From Scratch.

  • Set up ethical hacking environment with Kali
  • Prepare virtual victim environment to run your tests safely
  • Scan the targets with easy-to-use and affective commands in Nmap
  • Discover the vulnerabilities to hack into systems
  • Exploit the targets with Metasploit
  • Interact with payloads on victim machines
  • Download documents, create remote users and take screen captures from exploited Linux and Windows servers.
Read more

Learn the Essential Techniques and Build a Strong Foundation in Penetration Testing in This Comprehensive Course From Scratch.

  • Set up ethical hacking environment with Kali
  • Prepare virtual victim environment to run your tests safely
  • Scan the targets with easy-to-use and affective commands in Nmap
  • Discover the vulnerabilities to hack into systems
  • Exploit the targets with Metasploit
  • Interact with payloads on victim machines
  • Download documents, create remote users and take screen captures from exploited Linux and Windows servers.

Powerful Security Skills at Your Fingertips

Learning the fundamentals of ethical hacking puts a powerful and very useful skill at your fingertips. Kali, nmap and metasploit are free and easy to learn tools from beginner to advanced penetration testing operations.

Jobs in penetration testing positions are plentiful and companies are constantly looking for cyber security professionals who have practical-hands on experience on Kali and Metasploit. Experts from the IT industry are also looking for simple yet effective solutions to keep their systems secure.

This course is perfect for anyone seeking to provide safe and secure IT systems with implementing ethical hacking and penetration testing solutions.

Contents and Overview

Suitable for beginners in cyber security, through this course of 45+ lectures and 3 hours of video content, you will learn all the details about setting up and using Kali Linux Distribution and establish a strong understanding of the process behind a professional penetration test.

This course starts with introducing basic - yet very important aspects of ethical hacking. After this quick summary, you will find yourself already practicing how to setup a penetration testing platform with Kali and victim machines, which you can use in your professional life.

Right after deploying the systems, you will immediately start scanning the target environment, which consists of 1 intentionally vulnerable Linux distribution and 1 Windows 7.

After completing scanning operations, you will learn the famous hacking framework Metasploit with all important options, by practicing against victim machines. And finally, you will be able to exploit and remotely access to Linux and Windows machines, where you will practice ethical hacking skills like downloading documents and gaining passwords, with leveraging advanced payloads like meterpreter.

Upon completion, you will learn how to prepare your ethical hacking environment with Kali, scan network segments per your needs, discover vulnerabilities, exploit victims and gain remote access to compromised machines.

What are the requirements?

  • A willingness to learn and an open mind
  • Basic understanding of how computers work
  • Some linux and network experience is a plus

What am I going to get from this course?

  • By the end of this course, you will be able to prepare your hacking environment and start using Kali
  • You will have the ability to scan networks to detect open ports and services
  • You will discover vulnerabilities by comparing your nmap scan results and related metasploit modules
  • You will exploit vulnerable application with metasploit modules
  • You will access compromised servers and run commands remotely

What is the target audience?

  • College students and professionals from technical domains
  • IT enthusiasts or entrepreneurs
  • Anyone interested in exploring a new domain from scratch
Enroll now

Here's a deal for you

We found an offer that may be relevant to this course.
Save money when you learn. All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.

What's inside

Learning objectives

  • Install and configure kali linux
  • Prepare virtual lab environment with kali and victim machines
  • Scan networks with nmap
  • Discover vulnerable applications
  • Exploit linux and windows servers with metasploit

Syllabus

Introduction to course, instructor and curriculum

You will learn some descriptions about the course and the lecturer in this lecture

Section details and the composition of course content will be introduced

Read more

In this lecture, you will hear 2 very important notes about the course: How to stay on the legal side, and how to benefit from the course in full.

Use your power with caution
Make it crystal-clear
You will learn the phases and types of pentests, as well as the importance of Kali

Some basic information about pentesting and ethical hacking.

This lecture is slightly theoratical, but you will learn about the importance of penetration testing and ethical hacking in the world of cyber security.

You will also learn the difference between penetration testing and ethical hacking.

Introducing types of pentests and pentesting process.

In this lecture, you will learn the most common and useful approaches for pentesting process which contains:

Planning, Reconnaissance, Scanning, Exploiting, Privilege Escalation, Cleaning-Up, Reporting

And also the types of pentests, such as; 

External Network Segment, Internal Network Segment, Web Applications and Services, Wireless networks, 
Servers, Network Devices, Databases, Internal Client Applications, Social Engineering, DDoS and Physical Security

Phases and Scope Summary

What is Kali and the reason we use it?

Kali is a penetration testing platform which is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. You will learn the reasoning behind the importance of Kali and why do we use it.

Wrapping up the section.

Penetration testing it is about finding and exploiting vulnerabilities in systems to see the risk of a real compromise, before that happens. Thats why it is important for securing the networks and systems.

Penetration Testing and Ethical Hacking
You will download and install required tools to your computer

The importance of working on a virtual lab.

You will be setting up your lab and get ready for action in this section!

The good side of this part is, when you've successfully completed the steps I will walk you through, you will have a cyber security lab for your future, real-world tasks, too. 

Download List

How and where to download required tools: Kali, VMware Workstation Player, Metasploitable and Windows 7.

You will the sites which you can download the tools directly.

Steps of installing VMware player.

VMware workstation player is very important for virtual systems. In this lecture, You will learn how to install your vmware player.

Steps of installing Kali.

Starting from booting the Kali ISO in VMware Player, you will learn how to install Kali step-by-step.

Steps of installing metasploitable, which is an intentionally vulnerable linux distribution.

As we need practical skills, we need victim for hands on exercises. You will learn how to install metasploitable with me, in order to achieve this goal.

Steps of installing Windows 7 as a victim environment.

Windows is the prominent OS in modern computer systems today. Attacking windows is crucial for that very reason.

In this lecture, you will learn how to install Windows 7 as your target.

Wrapping up the section.

You will notice that you already have the environment almostt ready by completing this section.

Installing Lab Environment
Prepare and configure Kali, install vmtools, run the required pentesting applications on Kali

Playing with the interface and accessing required settings using Kali.

Starting with the system settings and basic operations like booting or locking Kali, you will learn to find out tools and folders in this lecture.

Upgrade the system to the latest version over Internet.

You will learn how to use apt-get update and apt-get upgrade commands to update your Kali system.

Installing a very useful component to Kali: Vmtools.

Learn how to install vmtools, which is an important set of tools provided from vmware, that enables our virtual operating system to perform significantly faster for graphics performance, to support shared folders with host OS, and to support drag and drop operations.

How to start and use the top 10 tools in Kali, like nmap, iceweasel, metasploit, armitage, burp suite, beef, maltego and faraday.

Wrapping up the section.

You will learn the summary info about what you have achieved in this section about Kali.

Working with Kali
Prepare and configure victim machines and finalizing virtual lab environment

The importance of practical lab environment and setting up the victims.

We will walk through how to setup metasploitable and Windows 7 as our pentesting targets in the upcoming lectures of this section.



Introducing metasploitable and preparing the distro for exploitation.

In this step-by-step hands on lecture, you will install metasploitable linux os with me.

Introducing Windows 7 and preparing the OS as our victim.

You will deploy the Windows 7 operating system, with the network and language settings etc.

Installing a vulnerable application to Windows machine in order to exploit the OS safely.

The vulnerable software will be downloaded from exploit-db, which is the primary resource for downloading public exploits and related vulnerable applications.

You will quickly refresh what you've achieved in this section!

Victim Configuration
Introducing Nmap and scanning the already-prepared vulnerable machines

Scanning with Nmap using basic options.

You will learn basic port scanning techniques; ICMP echo request, SYN packet to TCP 443 port, ACK packet TCP 80 port, ICMP timestamp request. Also, you will see how to indicate network segments and ip addresses for scanning!

Port scanning details with TCP scan and SYN scan.

You will learn the different of TCP scan and SYN scan in this lecture!

Port scanning practice using Nmap with advanced options.

You will learn how to indicate ports for your nmap scans, as well as automatically scanning top used ports.

A sample command you'll use in this lecture:

nmap 192.168.174.131 -n -sS -p 21,22,139,445,3389

Service and version detection features of Nmap, finding out the services running on the victim machines.

You will learn how to properly use the "-sV" switch for your tests!

Nmap scanning speed options.

There are different scanning speeds ranging from T1 to T5 as nmap parameters. 

Follow this lecture and learn how the difference!

Saving Nmap scan results using different formats.

You can save nmap scan results with "output" switches.

Learn the types of nmap outputs and save it to your disk!

Wrap up what you've achieved in this section! 

Nmap is a great tool, and you learnt the basic yet most important options in this part.

Scanning with Nmap
Introducing Metasploit and exploiting victim machines using msf modules

Exploitation phase in a pentesting campaign.

Exploitation means taking advantage of computer systems by gaining control, allowing
priviliege escalation or a denial of service. 

You will learn the importance of the exploitation phase, and how are you going to use it!

The modules of metasploit and starting up the application.

General overview of metasploit framework will be introduced here.  

Some of them are: PayloadsExploits, Encoders, Post-mods, Auxiliary.

You will also update the metasploit framework to get started with the newest modules!

The commands you'll use;

"apt-get dist-upgrade"

"apt-get install ruby"

How to access metasploit modules and how to set parameters for exploitation.

You will practice how to find and open the modules, as well as the commands to set parameters to msf modules with e.g. "use" and "set"

Introducing the metasploit database and importing previously saved nmap results to the database.

db_import is an important parameter which you can import nmap results to metasploit. 

Follow this lecture to learn the details!

Exploiting a Samba vulnerability on the victim machine and get shell remotely!

This lecture is very exciting as you'll send an exploit to our victim machine and pwn it remotely!

The modules you'll use: exploit/multi/samba/usermap_script

Session backgrounding and remote operations on the victim.

You'll practice the new skills you learnt and exploit the victim again with using a different module: exploit/unix/irc/unreal_ircd_3281_backdoor

You will also practice the first command you'll run in the compromised server. e.g. 

"id" , "ifconfig", "pwd", and "uname -a"

And you'll be able to background msf sessions to interact with your metasploit console and continue hacking!

An advanced trick: Creating a remote SSH user on linux machines in limited shells.

In this lecture, you will practice some advanced stuff with me, and create a remote SSH user on the victim machine.

This will show some of the real life problems in a pentest and how to bypass them!

You'll quickly refresh what you have achieved with metasploit in this section!

Exploitation with Metasploit
Hacking Windows 7 operating system with metasploit and meterpreter

The importance of windows hacking and using meterpreter payload!

Meterpreter is more then a payload. It is stealhy, powerful and extensible which makes it
veryy easy for advanced features like collecting screencaptures, erasing evidence and downloading documents.

You will learn the details in this section.

Scanning the Windows OS once more to find vulnerable service and ports.

You will learn the benefit of "db_nmap" command, and issue commands like;

db_nmap 192.168.28.131 -A -T5

Exploiting the vulnerable application "Manage Engine Security  Manager Plus" and dropping an advanced payload: meterpreter.

You will practice what it is like to practice with meterpreter, and the options on this advanced payload.

Using meterpreter for advanced features on the victim, and creating a remote Windows user.

You will first practice meterpreter commands and also backgrounding your msf sessions.

Then, you will create a user remotely on the victim which enables you to login to that server, directly!

Wrapping up the section of hacking Windows 7 with an advanced payload: meterpreter.

Windows Hacking and Meterpreter
Summarize the take aways from the course and good bye

Accomplished goals in the course!

Starting from the logic and reasoning behind why penetration testing is veryy important for information security world, you had chance to get started with the tools like Kali, nmap and metasploit.

Furthermore, you even hacked your first victims and got shell. This enables you to feel what it is like to conduct pentesting in real, productions systems.


I hope you found it useful, practical and enjoyable.

Please feel free to send your comments or questions about the course.

Keep in touch with FeltSecure!

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Taught by experts in the field of cybersecurity, FeltSecure Labs
Develops skills and knowledge that are in high demand in the job market, such as penetration testing and ethical hacking
Appropriate for beginners with no prior experience in cybersecurity or penetration testing
Provides hands-on, practical experience through virtual lab exercises
Covers a comprehensive range of topics, from basic concepts to advanced techniques
Teaches students to use industry-standard tools such as Kali Linux, Nmap, and Metasploit

Save this course

Save Practice Your First Penetration Test: Kali & Metasploit Lab to your list so you can find it easily later:
Save

Reviews summary

Kali and metasploit penetration test lab

According to students, this penetration test lab with Kali and Metasploit has engaging assignments but may have difficult exams. Learners mention that the lab is well-structured and provides valuable hands-on experience.

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Practice Your First Penetration Test: Kali & Metasploit Lab with these activities:
Kali Linux Practice
Practice using Kali Linux to perform various security tasks, such as network scanning, vulnerability assessment, and password cracking. This will help you to become familiar with the tools and techniques used by professional penetration testers.
Browse courses on Kali Linux
Show steps
  • Create a virtual lab environment.
  • Install Kali Linux on your computer.
  • Practice using Kali Linux tools.
Metasploit Tutorial
Follow a tutorial on how to use Metasploit to exploit vulnerabilities and gain remote access to target systems. This will teach you how to use Metasploit's powerful tools and techniques to perform penetration testing.
Browse courses on Metasploit
Show steps
  • Find a Metasploit tutorial.
  • Follow the tutorial steps.
  • Practice using Metasploit to exploit vulnerabilities.
Port Scanning Practice
Practice using Nmap to scan different ports and services on a target system. This will improve your understanding of how Nmap works and help you to identify vulnerabilities more effectively.
Browse courses on Port Scanning
Show steps
  • Create a virtual lab environment.
  • Install Nmap on your computer.
  • Scan a target system using Nmap.
  • Analyze the Nmap scan results to identify open ports and services.
Four other activities
Expand to see all activities and additional details
Show all seven activities
Ethical Hacking Workshop
Attend an ethical hacking workshop to learn about the latest security tools and techniques. This will allow you to practice your skills in a controlled environment and to network with other professionals in the field.
Browse courses on Ethical Hacking
Show steps
  • Find an ethical hacking workshop.
  • Register for the workshop.
  • Attend the workshop.
  • Participate in the workshop activities.
Vulnerability Assessment Report
Create a vulnerability assessment report that documents the vulnerabilities that you have identified on a target system. This will help you to communicate your findings to stakeholders and to prioritize remediation efforts.
Browse courses on Vulnerability Assessment
Show steps
  • Conduct a vulnerability assessment.
  • Identify and document vulnerabilities.
  • Prioritize remediation efforts.
Penetration Testing Presentation
Create a presentation that summarizes your findings from a penetration test. This will help you to communicate your findings to stakeholders and to educate them about the importance of cybersecurity.
Browse courses on Penetration Testing
Show steps
  • Conduct a penetration test.
  • Summarize your findings.
  • Create a presentation.
Penetration Testing Project
Conduct a penetration test on a target system to identify and exploit vulnerabilities. This will give you hands-on experience in performing a complete penetration test.
Browse courses on Penetration Testing
Show steps
  • Choose a target system.
  • Reconnaissance the target system.
  • Identify and exploit vulnerabilities.
  • Write a penetration test report.

Career center

Learners who complete Practice Your First Penetration Test: Kali & Metasploit Lab will develop knowledge and skills that may be useful to these careers:
Ethical Hacker
An Ethical Hacker is responsible for using hacking techniques to identify and exploit vulnerabilities in systems in order to improve security. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for an Ethical Hacker who is responsible for identifying and exploiting vulnerabilities in systems.
Penetration Tester
A Penetration Tester is responsible for testing the security of computer systems and networks. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Penetration Tester who is responsible for identifying and exploiting vulnerabilities in systems.
Security Engineer
A Security Engineer is responsible for designing, implementing, and maintaining security systems. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Security Engineer who is responsible for identifying and mitigating security risks in systems.
Cybersecurity Analyst
A Cybersecurity Analyst is responsible for monitoring and analyzing security data to identify and respond to threats. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Cybersecurity Analyst who is responsible for identifying and responding to security incidents.
Chief Information Security Officer
A Chief Information Security Officer (CISO) is responsible for overseeing the security of an organization's information assets. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a CISO who is responsible for managing the security of an organization's information assets.
Security Analyst
A Security Analyst is responsible for analyzing security data and identifying threats to an organization's information assets. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Security Analyst who is responsible for identifying and mitigating security risks to an organization's information assets.
Network Security Engineer
A Network Security Engineer is responsible for designing, implementing, and maintaining network security systems. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Network Security Engineer who is responsible for identifying and mitigating security risks in networks.
Security Consultant
A Security Consultant provides advice and guidance to organizations on how to improve their security posture. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Security Consultant who is responsible for helping organizations identify and mitigate security risks.
Information Security Manager
An Information Security Manager is responsible for overseeing the security of an organization's information assets. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for an Information Security Manager who is responsible for managing the security of an organization's information assets.
Security Architect
A Security Architect is responsible for designing and implementing security systems for an organization. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Security Architect who is responsible for designing and implementing secure systems for an organization.
Systems Administrator
A Systems Administrator is responsible for managing and maintaining computer systems and networks. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Systems Administrator who is responsible for managing and maintaining secure systems.
Computer Scientist
A Computer Scientist is responsible for designing, developing, and implementing computer systems. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Computer Scientist who is responsible for developing and implementing security systems.
Network Administrator
A Network Administrator is responsible for managing and maintaining computer networks. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Network Administrator who is responsible for managing and maintaining secure networks.
Software Engineer
A Software Engineer is responsible for designing, developing, and implementing software systems. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance, scanning, exploitation, and reporting phases of penetration testing. This course would be especially useful for a Software Engineer who is responsible for developing and implementing secure software systems.
Information Security Analyst
An Information Security Analyst plans and implements security measures to protect an organization's computer networks and systems. This course may be useful because it provides instruction on the use of ethical hacking and penetration testing tools and techniques. The course also provides instruction on the reconnaissance and scanning phases of penetration testing. This course would be especially useful for an Information Security Analyst who is responsible for identifying and exploiting vulnerabilities in systems.

Reading list

We've selected 12 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Practice Your First Penetration Test: Kali & Metasploit Lab.
Comprehensive guide to Metasploit, the world's most popular penetration testing framework. It valuable resource for both beginners and experienced pentesters.
Provides a deep dive into the art of exploitation. It valuable resource for experienced pentesters who want to learn more about the technical details of exploitation.
Provides a comprehensive overview of network security, from the basics to the most advanced topics. It valuable resource for both beginners and experienced network security professionals.
Provides a comprehensive overview of web application security, from the basics to the most advanced topics. It valuable resource for both beginners and experienced web application security professionals.
Provides a comprehensive overview of malware analysis, from the basics to the most advanced topics. It valuable resource for both beginners and experienced malware analysts.
Practical guide to penetration testing, with a focus on real-world scenarios. It valuable resource for pentesters of all levels.
Provides a comprehensive overview of ethical hacking. It valuable resource for both beginners and experienced hackers who want to learn more about the ethical and legal aspects of hacking.
Provides a comprehensive overview of Python programming for hackers and pentesters. It valuable resource for both beginners and experienced programmers who want to learn more about the use of Python in hacking and pentesting.
Provides a comprehensive overview of ethical hacking, from the basics to the most advanced topics. It valuable resource for both beginners and experienced ethical hackers.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Practice Your First Penetration Test: Kali & Metasploit Lab.
Penetration Testing and Ethical Hacking Complete Hands-on
Most relevant
Kali Linux
Most relevant
The Complete Nmap Ethical Hacking Course : Network...
Most relevant
Start Kali Linux, Ethical Hacking and Penetration Testing!
Most relevant
Ethical Hacking - Der umfassende Kurs
Most relevant
Ethical Hacking using Kali Linux from A to Z
Most relevant
Metasploit for Beginners: Ethical Penetration Testing
Most relevant
The Complete Ethical Hacking Course 2.0: Python & Kali...
Most relevant
LEARN ETHICAL HACKING AND PENETRATION TESTING 5 COURSES...
Most relevant
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser