Ask HN: How did you learn MetaSploit?

1 points by nobody271 ↗ HN
I've spent like 20 hours banging my head against the wall over the last few weekends.

I started with www.offensive-security.com/metasploit-unleashed. It "teaches" by example instead of concepts, though. I read a good portion of it for what it is worth but it's not worth much.

Then I tried "Mastering MetaSploit" but they don't include a target machine disk image so you can't follow along. Of course you don't realize that until you're some way through the book and have stretched metasploitable to its breaking point.

People joke about how MetaSploit is so easy to use that it's for script kiddies but I'm putting serious effort into learning it and getting nowhere.

3 comments

[ 3.8 ms ] story [ 17.6 ms ] thread
Vulnhub has hundreds of virtual machine images you can download and practice with, such as metasploitable. Hack the box is great. If you want to read a blog post describing how to get admin or root on a box, google boxname walkthrough with vulnhub or hack the box in the search as well. Ippsecs's 90+ youtube videos are excellent. Check out metasploit minute videos. I also heard pentestlabs is good. Good luck!
The Metasploit Project additionally offers Metasploit Express, Metasploit Pro, the Opcode Database (at present obsolete) and a shellcode database. Shellcode is a kind of adventure code in which bytecode is embedded to achieve a specific goal. Basic shellcode goals incorporate including a rootkit or playing out a turn around telnet back to the assailant's machine. Metasploit additionally offers a payload database, enabling the pen analyzer to blend and match misuse code and goals. Refer: https://buyessays.us/
The Metasploit Project additionally offers Metasploit Express, Metasploit Pro, the Opcode Database (at present obsolete) and a shellcode database. Shellcode is a kind of adventure code in which bytecode is embedded to achieve a specific goal. Basic shellcode goals incorporate including a rootkit or playing out a turn around telnet back to the assailant's machine. Metasploit additionally offers a payload database, enabling the pen analyzer to blend and match misuse code and goals. https://buyessays.us/