Linux Exploits & Mitigation: Penetration Tools


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
The baseline of security for any computer system is a defense against known exploits and attacks. In this course, you'll learn how to employ the core pentesting tools to help validate that your systems and software are secure against known attacks. You'll start by learning how to leverage the capabilities of Metasploit by using its basic commands, payloads, and options. You'll then explore Metasploitable, Commix, as well as Exploit Database, SearchSploit, and the Linux Exploit Suggester. Next, you'll learn how to use RouterSploit and ShellNoob to carry out tests. Finally, you'll examine how to use SQLMap to explore how SQL injection attacks are formed and how to protect against them.

Expected Duration (hours)
1.0

Lesson Objectives

Linux Exploits & Mitigation: Penetration Tools

  • discover the key concepts covered in this course
  • navigate the basic commands used to prepare exploit tests using Metasploit
  • run the Metasploitable vulnerable virtual machine
  • prepare a Metasploit command that exploits a vulnerable web service
  • modify options used to vary the operation of a Metasploit command
  • exploit an outdated Samba file sharing service to gain root access using Metasploit
  • test for command injection vulnerabilities in web-based applications using Commix
  • search for exploits and shellcodes using Exploit Database
  • detect Linux security weaknesses using the Linux Exploit Suggester utility
  • scan for potential router vulnerabilities using RouterSploit
  • resolve opcodes and syscall numbers from binary executables using ShellNoob
  • convert shellcode between binary and text formats using ShellNoob
  • explore the use of SQL injection attacks and protections against them using SQLMap
  • summarize the key concepts covered in this course

    • Course Number:
    it_cylxexdj_05_enus

    Expertise Level
    Expert