HCME : : Hack Planet Certified Metasploit Expert

image1

The Metasploit Framework is one of the most popular tools which is used by a hacker for a security audit (penetration testing) for development and release of exploits frequently in their audits / Penetration Testing. The framework enables you to select the exploits, auxiliary modules, fuzzers, scanners, bombers, brute forcers, payloads, encoders, nops, etc. and use them as per your need in a Penetration Test. The course aims to present the tool, as well as the possibility of modification of the modules given so as to make changes at the run time. All these features will be explained in a very in depth manner with live practical in the session.

OBJECTIVES:
* Understanding of how metasploit can be used extensively in Penetration testing.
* In depth understanding of Metasploit far beyond remote machine exploitation. .

The current demand for Information Security jobs continue to grow. With information security increasingly becoming a boardroom level concern, training and certification are becoming increasingly important for candidates and companies.

"NASSCOM predicts requirement of 1,88,000 IT Security Professionals by the year 2010. Currently the number of security professionals in India is around 22,000."

Our Training Modules

Duration :48 hours (6 Weeks / 6 Days)

Training Fees: INR 10,000/- / 150 USD

* 45 Days

* 3 Months


Introduction To Hacking

Basic Terminologies

Phases of Hacking

Hacking/ Ethical ??
Installing Backtrack on VM

Installing Metasploitable on VM

Configuring up the Virtual Network Editor

Metasploit interfaces

i. Msfconsole

ii. Msfcli

iii. Armitage

Metasploit Utilities

Introduction

Scope / Goal

Methodology

Points to Remember

Auxiliary Modules

Exploit Modules

Payloads

Encoders

Posts

Passive Info Gathering
i. Whois
ii. Archives
iii. NSlookup
iv. Trace Routes
v. Site Crawling
vi. DNS Records

Active Info Gathering
i. Identifying Open Hosts
ii. Identifying Open Ports
iii. Banner Grabbing (Identifying Services)
iv. Operating System Fingerprinting

Vulnerability Assessment
i. Scanning With Nessus
ii. Scanning with Nexpose
iii. Database integration and Automated Exploitation

MSF Port Scanners

Version Fingerpriting

Login Scanners

Banner Grabbing

MSSQL / MYSQL Hunt

Sniffing

Enumeration

Basic Exploits

Client Side Exploits

Using MULTI/HANDLER

DLL Hijacking Exploitation

File Format Exploits [PDF, PPT, XLS, WAV, AVI, XPI, etc.]
1. Adobe PDF Exploits
2. MS Office 2010/2007 PPT
3. MS Office 2010/2007 RTF
4. MS Office 2010/2007 XLS
5. Fireforx XPI
6. Java Rhino
7. VLC MMS Stream Handling Buffer Overflow

Generic Payloads

Payload king – Meterpreter

Creating your stand alone binaries.

Creating your payload in RAW formats

Encoding

Multi Encoding

Packers

Introduction

Stdapi and priv

Extending the Access (incognito, espia, sniffer, etc.)

Keylogging

Sniffing

Privilege Escalation

Enumerating the Machine

Session Up gradation

Persistant Access

Pivoting

Extracting Information.

Writing Meterpreter scripts

Custom Scripting

Using API calls

Persistent Meterpreter Scripting

SET [Social Engineering Toolkit]

Fast Track

Karmetasploit

Armitage

a. Introduction

b. Need and Benefits of Porting Exploits

c. Methodology

d. Testing the Work

A Vast toolkit of 5 DVDs will be provided to each student participating in the course which will contain the following things :

Video Tutorials

Tools, EBooks, Tutorials

Ready Made Environments (For Practice)

Operating System ISOs

A Reference Book (Official Guide to HCME)

A HCME Certificate will be given to each student on successfully clearing the examination.

Students clearing the exam with A+ Grade will be given 10% Discount in any further course from Hack Planet....


Examination:-

---------- Exam 1 - 2 Hours -----------

The course “Metasploit” is ideal for professionals who want to determine the security posture of a company, identify and exploit potential problems in processes and critical assets of your business. This course can be helpful to:

• Network Administrators

• Security Officers

• Network Auditors

• Info Sec Researchers

• Penetration Testers

• Vulnerability Assessment Professionals

• Corporate Info Sec Trainers

# Live Demonstration of Latest Exploitation Techniques & tools.

# Hands on Practice Sessions.

# 100% Placement Assistance from Hack Planet.

Note :
Most of the time students have doubts, whether things will be demonstrated or not. Our classroom programs focus on one to one interaction with each student meanwhile proper conceptual knowledge and practical exposure of all the modules.

# We have rich experience working on cases & training for Crime Branch, Delhi, noida, Chandigarh.

# Conducted more than 160 workshops & seminars for Students & Professionals across all over india.

# We helped Top Investigating Agencies to solve Cyber Terrorism Cases.

# We do not use third party tools. We have developed our Crypters, Trojans, Scripts etc.

*We have Tech Supoprt: As a software company, we know exactly how important technical support can be. If a customer needs technical support for one of our products, no one can do it better than us. Our offices are open from 9am until 9pm Monday to Friday, and soon to be 24hours. Unlike many companies, you are able to talk directly with software developers so you know you are getting the help you need

HCME