Metasploit Workshop
Date: 2024-03-13
Difficulty: Beginner
Delivered By: Matthew Grove
Overview
Dive into the tools and techniques used by cybersecurity professionals worldwide with us, as we investigate Metasploit and its many, many uses. In this session we will show you how to use Metasploit, a powerful penetration testing framework, to its full potential, and give you an hands-on experience with it! Whether you're a seasoned cyber security enthusiast or a curious beginner, this session offers something for everyone.
What to expect in this session:
🕵️ An intro to Metasploit
🛠️ Explanations and demos of how it works, including assessment, exploitation, and post-exploitation
🏆 A mini CTF with a variety of exploitable systems for all abilities
The CTF will provide an exciting opportunity to apply what you've learned in a simulated environment - work individually or in teams to solve real-world cybersecurity puzzles, showcasing your problem-solving abilities and strategic thinking!
Prerequisites
This session requires metasploit. The simplest way to get and use this tool is in a Kali VM (metasploit comes preinstalled), how to setup a Kali VM is described here. Alternativly metasploit can be downloaded here.
Session Resources
This session is available in three parts:
- A lab on WithSecure Playground.
- A website, accessible at http://metasploit.sucss.org:31337.
- An attackable network accessible over SSH, with
ssh [email protected]and the passwordsup3rs3cr3t. You must be on Eduroam or the VPN to access this.- Anything starting with
sucss-kaliis NOT in scope.
- Anything starting with
There are username and password wordlists that may be helpful.