Metasploit Megaprimer 300+ mins of video tute

This topic contains 36 replies, has 19 voices, and was last updated by  raphag 8 years, 5 months ago.

  • Author
    Posts
  • #5667
     vivek.ramachandran 
    Participant

    Hello All,

    Metasploit is probably one of the most useful tools to a hacker. Contains tons of well tested exploits which can be used with multiple payloads to break into systems. In this video series, I have tried to cover all the essential things one needs to know about Metasploit. I start from the very basics and slowly more towards covering intermediate and advanced functionality. I have already created over 300 mins of video.

    Note that this series is still in progress and you can keep checking for the latest videos on SecurityTube http://www.securitytube.net

    Below are the video links and a short description:

    1. Metasploit Megaprimer (Exploitation Basics and need for Metasploit) Part 1

    http://bit.ly/b2Y2pE

    2. Metasploit Megaprimer (Getting Started with Metasploit) Part 2

    http://bit.ly/bLgTOm

    3. Metasploit Megaprimer Part 3 (Meterpreter Basics and using Stdapi)

    http://bit.ly/9sjqqH

    4. Metasploit Megaprimer Part 4 (Meterpreter Extensions Stdapi and Priv)

    http://bit.ly/97f1U3

    5. Metasploit Megaprimer Part 5 (Understanding Windows Tokens and Meterpreter Incognito)

    http://bit.ly/anbODH

    6. Metasploit Megaprimer Part 6 (Espia and Sniffer Extensions with Meterpreter Scripts)

    http://bit.ly/c4A4Eg

    7. Metasploit Megaprimer Part 7 (Metasploit Database Integration and Automating Exploitation)

    http://bit.ly/bT1uD5

    8. Metasploit Megaprimer Part 8 (Post Exploitation Kung Fu)

    http://bit.ly/dicJzI

    9. Metasploit Megaprimer Part 9 (Post Exploitation Privilege Escalation)

    http://bit.ly/asr1ML

    10. Metasploit Megaprimer Part 10 (Post Exploitation Log Deletion and AV Killing)

    http://bit.ly/bvCudb

    11. Metasploit Megaprimer (Post Exploitation and Stealing Data) Part 11

    http://bit.ly/auwtBm

    12. Metasploit Megaprimer Part 12 (Post Exploitation Backdoors and Rootkits)

    http://bit.ly/a7n8nw

    13. Metasploit Megaprimer Part 13 (Post Exploitation Pivoting and Port Forwarding)

    http://bit.ly/9mOztm

    14. Metasploit Megaprimer Part 14 (Backdooring Executables)

    http://bit.ly/bZxwgK

    15. Metasploit Megaprimer Part 15 (Auxiliary Modules)

    http://bit.ly/du779R

    16. Metasploit Megaprimer Part 16 (Pass the Hash Attack)

    http://bit.ly/d7bdZi

    Please do let me know your feedback!

  • #35644
     COm_BOY 
    Participant

    You ROck !!! its great to see people contribution to a thing I call as Open Source Learning πŸ™‚ .

    Don : I really think this man should be upgraded to a status like honorary super member or something like that πŸ˜€

  • #35645
     vivek.ramachandran 
    Participant

    @com_boy wrote:

    You ROck !!! its great to see people contribution to a thing I call as Open Source Learning πŸ™‚ .

    Don : I really think this man should be upgraded to a status like honorary super member or something like that πŸ˜€

    Thanks for those kind words πŸ™‚

    I am also creating a scenario based hacking series, where I will discuss how to break into systems which are present in different scenarios.

  • #35646
     alucian 
    Participant

    Thank you for the videos!

    I downloaded some of them a couple of weeks ago and started to study.

    Very much appreciate your effort!

  • #35647
     ziggy_567 
    Participant

    I saw your videos in a posting a few weeks back and have been going through them over the past couple weeks. I’ve been through them all and really enjoyed them! There were a lot of gems throughout the videos!

    Thanks and keep them coming….

  • #35648
     vivek.ramachandran 
    Participant

    @alucian wrote:

    Thank you for the videos!

    I downloaded some of them a couple of weeks ago and started to study.

    Very much appreciate your effort!

    Thanks! Glad they are of help.

    @ziggy_567 wrote:

    I saw your videos in a posting a few weeks back and have been going through them over the past couple weeks. I’ve been through them all and really enjoyed them! There were a lot of gems throughout the videos!

    Thanks and keep them coming….

    Thank you! πŸ™‚

    I just started the Scenario Based Hacking Series. Will be posting videos in the coming days.

    Here is the intro video for Scenario Based Hacking:

    http://securitytube.net/Metasploit-Megaprimer-Part-17-%28Scenario-Based-Hacking%29-video.aspx

    let me know what you think.

  • #35649
     COm_BOY 
    Participant

    Just saw the link and it really looks cool … do put efforts on IPS bypassing and honeypots

  • #35650
     Anquilas 
    Participant

    That looks absolutely amazing. And the timing, for me, is perfect.

    Btw, maybe you can start a personal blog where you but these things as well? It would make for a nice overview and a nice place to have other people find it.

  • #35651
     COm_BOY 
    Participant

    @Synquell wrote:

    That looks absolutely amazing. And the timing, for me, is perfect.

    Btw, maybe you can start a personal blog where you but these things as well? It would make for a nice overview and a nice place to have other people find it.

    securitytube.net is owned by Vivek

  • #35652
     vivek.ramachandran 
    Participant

    @com_boy wrote:

    Just saw the link and it really looks cool … do put efforts on IPS bypassing and honeypots

    Sure. I have planned for them already. Please keep watching. I am covering the basic cases first, and will then move on to the complex stuff.

    @Synquell wrote:

    That looks absolutely amazing. And the timing, for me, is perfect.

    Btw, maybe you can start a personal blog where you but these things as well? It would make for a nice overview and a nice place to have other people find it.

    As COm_BOY mentioned I run SecurityTube, so it functions both as a blog and a video site for me πŸ™‚

  • #35653
     KrisTeason 
    Participant

    Hey vivek,

    these video series are another great addition to securitytube. I personally downloaded your Assembly Premiere and Buffer Overflow Premiere series videos awhile back (they’re great), and it looks like you put a lot more effort in making these metasploit videos into a longer series. It’s great information overall. I just watched your part 17 and I have a couple recommendations for some scenario based hacking videos you could come up with. For one of the intermediate level based scenarios, maybe you could do like an Access Point Penetration and root into a box or two on the LAN using the attacks you mentioned in your metasploit videos? Maybe even bring in dns spoofing and launch a client-side attack on a workstation or something.

    for a more complex scenario maybe you could do like a 0-Day angle. Where you (the attacker) have made it onto the network and have enumerated the services on a patched machine and have decided that public exploits won’t work in the situation. You decide that you’ll have to develop an 0-Day exploit to get into the box (or something similar/related) – maybe in the process turn the exploit into a metasploit module? Just throwing out some ideas.

    Keep the videos coming, they’re fantastic.

  • #35654
     COm_BOY 
    Participant

    If we talk about the 0day angle .. exploit writing is very beautifully in http://www.corelan.be:8800 . I guess if he can convert those articles to videos πŸ™‚

  • #35655
     vivek.ramachandran 
    Participant

    @xXxKrisxXx wrote:

    Hey vivek,

    these video series are another great addition to securitytube. I personally downloaded your Assembly Premiere and Buffer Overflow Premiere series videos awhile back (they’re great), and it looks like you put a lot more effort in making these metasploit videos into a longer series. It’s great information overall. I just watched your part 17 and I have a couple recommendations for some scenario based hacking videos you could come up with. For one of the intermediate level based scenarios, maybe you could do like an Access Point Penetration and root into a box or two on the LAN using the attacks you mentioned in your metasploit videos? Maybe even bring in dns spoofing and launch a client-side attack on a workstation or something.

    for a more complex scenario maybe you could do like a 0-Day angle. Where you (the attacker) have made it onto the network and have enumerated the services on a patched machine and have decided that public exploits won’t work in the situation. You decide that you’ll have to develop an 0-Day exploit to get into the box (or something similar/related) – maybe in the process turn the exploit into a metasploit module? Just throwing out some ideas.

    Keep the videos coming, they’re fantastic.

    Thanks a ton! I am happy to know the videos were useful. Sometimes when I create these videos and put them up, it’s very difficult to figure out if someone really liked them. πŸ™‚ All I can see is no of views and some comments which help at times, but the vast majority of people are just silent users of the videos, so tough for me to gauge their response.

    I will definitely add the 2 requests. For Zero Days a lot of other stuff would needed to be covered first like disassembly, debugging, reverse engineering etc. But I have already planned for the the above topics. I think I would cover most of these topics in the next 2-4 months in great detail, just like the Metasploit Megaprimer.

    @com_boy wrote:

    If we talk about the 0day angle .. exploit writing is very beautifully in http://www.corelan.be:8800 . I guess if he can convert those articles to videos πŸ™‚

    Yes, The tutes are really great. I will probably use of the concepts but may not copy it exactly as is and do a text -> video conversion πŸ™‚

  • #35656
     Anquilas 
    Participant

    As COm_BOY mentioned I run SecurityTube, so it functions both as a blog and a video site for me πŸ™‚
    [/quote]
    Then by all means, continue the fantastic jobΒ  πŸ™‚

  • #35657
     caissyd 
    Participant

    This is very, very useful stuff!

    Great quality and well presented. I haven’t been through everything yet, but this is very good!!!

  • #35658
     j0rDy 
    Participant

    Damn, How did i miss this topic??? Hands down for the effort!!!

  • #35659
     pizza1337 
    Participant

    Got linked to this from twitter.

    Thank you, and great job!
    securitytube is awesome.

  • #35660
     vivek.ramachandran 
    Participant

    Thanks for all the encouragement my friends πŸ™‚

    Someone posted this thread on reddit

    http://www.reddit.com/r/netsec/comments/dprux/over_300_mins_of_metasploit_video_tutes_released/ and it seems to have become quite popular!

    thanks! πŸ™‚

  • #35661
     reegun 
    Participant

    hi i did all the modules
    portforwarded,
    and tested nearly 10 exploits
    its keep on saying
    Exploit exception:exploit connection time out on 117.*.*.*

    whats the problem,im having 512kbps net speed,

    whether it needs Internet speed

  • #35662
     mallaigh 
    Participant

    Vivek, this is awesome! Thanks so much!

  • #35663
     COm_BOY 
    Participant

    @reegun wrote:

    hi i did all the modules
    portforwarded,
    and tested nearly 10 exploits
    its keep on saying
    Exploit exception:exploit connection time out on 117.*.*.*

    whats the problem,im having 512kbps net speed,

    whether it needs Internet speed

    Are you doing it in your home lab ? If its in home lab then you dont need to have an internet connection and has nothing to do with 512K or so . If you are playing with a public server then are you sure if the port forwarding is working fine on your end ? I think there is a way to have a public ip on your host machine rather then the IP , the modem dials to the internet server but works on bridge mode if i m not mistaken and provides the host public IP .

    I did this few years back on DSL connection , maybe this could help

  • #35664
     caissyd 
    Participant

    Vivek, this is so good!

    Thanks, I love your videos!!!

  • #35665
     boomscud 
    Participant

    Thanks, very useful tuto.Β  πŸ˜‰

  • #35666
     casper 
    Participant

    Outstanding!

    Even better than the content of the videos is the presentation. You must have some teacher in you. Very well done. More please.

  • #35667
     vivek.ramachandran 
    Participant

    Thanks all for these encouraging comments. I am happy to see all that time investment did not go waste πŸ™‚

    I am looking for recommendations for new video series which I can make. Do let me know if you have any topics in mind.

    Hope my accent is not too much of a trouble πŸ™‚

  • #35668
     COm_BOY 
    Participant

    @vivek.ramachandran wrote:

    Thanks all for these encouraging comments. I am happy to see all that time investment did not go waste πŸ™‚

    I am looking for recommendations for new video series which I can make. Do let me know if you have any topics in mind.

    Hope my accent is not too much of a trouble πŸ™‚

    WebApp

  • #35669
     MindOverMatter 
    Participant

    WOW! What can I say, other than this is some amazing material!Β  Very well taught.Β  The way you go through each explanation in such simplicity and with such patience not to rush through, is superb.Β 

    I am a HUGE fan of video based training such as this and I’m happy it’s available for free, but I can definitely see a whole business being built around this methodalogy of teaching.Β 

    Thank you for the wonderful offerings, time and effort provided to the community of us interested.Β  I now look forward to exploring everything you have to offer!Β  πŸ™‚

  • #35670
     casper 
    Participant

    @vivek.ramachandran wrote:

    Hope my accent is not too much of a trouble πŸ™‚

    Not at all. Your English is pretty good.

  • #35671
     vivek.ramachandran 
    Participant

    Thanks @mindovermatter and @casper ! Great to know you feel so. I will be updating more videos in this primer very soon to include exploit writing, meterpreter scripts etc.

  • #35672
     T_Bone 
    Participant

    @vivek.ramachandran

    Hi Vivek

    When will you be producing your scenario based videos you mentioned in a previous post? Fantastic Metasploit videos by the way πŸ™‚

  • #35673
     Ignatius 
    Participant

    I sent a PM to Vivek via another forum about the SBH videos.Β  He mentioned that he was concentrating on creating some videos dealing with assembly language and then he’d resume the SBH series.Β  I don’t know the timescale though.

  • #35674
     Lubinski 
    Participant

    Definitely put in my feed reader now. Thanks a bunch. I look forward to going through these videos.

  • #35675
     vivek.ramachandran 
    Participant

    Thanks for all the encouragement guys!

    I am a bit overwhelmed by your positive response πŸ™‚

    Coming back to topic – Yes, I will be creating new SBH and Metasploit Megaprimer videos very soon. The reason for the wait was that I wanted to finish the Assembly Language series for Linux and Assembly, so that I can use it in custom exploit creation exercises in both SBH and Metasploit series.

    You can view the Assembly Language primers (both linux and windows) here:Β 

    http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6450.0/

    Please do leave your feedback! That is the only way I can know how to improve and provide better videos in the future.

  • #35676
     AndyB67 
    Participant

    You have just ruined my life for the next few weeks!!!

    Have just learned more about metasploit in the last hour watching a couple of your vids than i’ve managed in the last few months.Β  Trouble is I now want to watch them all so I can get my head round it allΒ  ::)

    Thanks for taking the time and effort to produce these for free.Β  I’ve seen much worse vids from some of the big IT training companies.

  • #35677
     vivek.ramachandran 
    Participant

    @AndyB wrote:

    You have just ruined my life for the next few weeks!!!

    Have just learned more about metasploit in the last hour watching a couple of your vids than i’ve managed in the last few months.Β  Trouble is I now want to watch them all so I can get my head round it allΒ  ::)

    Thanks for taking the time and effort to produce these for free.Β  I’ve seen much worse vids from some of the big IT training companies.

    Thanks! πŸ™‚ My goal for 2011 is to provide quality free educational videos in computer security on as many topics as I can πŸ™‚

  • #35678
     AndyB67 
    Participant

    @vivek.ramachandran wrote:

    Thanks! πŸ™‚ My goal for 2011 is to provide quality free educational videos in computer security on as many topics as I can πŸ™‚

    I await them with baited breath.

    Between your vids and the Swiss Cyber Storm 3 challenge I’ve learnt so much in the last few weeks.Β  Still not managed to crack the challenge and i’m probably not likely to in the time left but it’s been a damm good learning experience!

  • #35679
     raphag 
    Participant

    New here and I can see this topic hasn’t been replied for some times !
    I hope you’re working on new tutorials.

    First of all, congratulation for this very good job, and easily understandable for non-english speaker !!
    I haven’t yet seen all … but I will for sure !

    Around metasploit and for those like me who are not pentester for a long time, maybe could you put some materials about other tools delivered with backtrack (fast-track for example) and some of the steps and useful tools associated to detects each vulnerability (before trying to exploit)
    Just some ideas … maybe too easy or trivial for you … but as someone said, there is a teacher in you and your explanations and the time you take to explain help a lot to unserstand the basics.

    Thanks again for this work !

You must be logged in to reply to this topic.

Copyright Β©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?