Master Metasploit and the manual exploitation skills behind it, from scanning and post-exploitation to building your own shells and payloads.

This module covers exploitation from two complementary angles: Metasploit, the framework that powers countless real-world engagements, and the manual craft that underpins it. You’ll work through Metasploit from the ground up, learning to scan for vulnerabilities, exploit live systems, run post-exploitation modules, and generate custom payloads with msfvenom. From there, you’ll move beyond the framework to build your own shells, listeners, and payloads from scratch, so you can weaponize an exploit whether a framework is on the table or not.

Metasploit: The Basics

Navigate msfconsole, search for modules, configure exploits, and manage sessions on target systems.

Metasploit: Scanning and Exploitation

Scan networks, use the Metasploit database, identify vulnerabilities, and exploit live targets.

Metasploit: Post-Exploitation

Use Meterpreter to harvest credentials, escalate privileges, and explore compromised systems.

Metasploit: Payload Generation

Generate custom payloads with msfvenom, choose formats, set up handlers, and catch reverse shells.

Exploitation and Weaponisation

Learn to exploit vulnerabilities, weaponise findings, and demonstrate real-world impact.

Shells & Listeners Fundamentals

Learn how to create, stabilise, and secure reverse and bind shells for penetration testing.

Shell Payload Generation & Delivery

Generate, customise, and deploy shell payloads with msfvenom, Metasploit, and webshells.

Lock in what you learned with a recap. Earn points and keep your streak.

Need to know

Linux Fundamentals

Many servers and security tools use Linux. Learn how to use the Linux operating system, a critical skill in cyber security.

Networking

Learn about the OSI model and TCP/IP networking layers. Explore the different plaintext and secure networking protocols that we use every day.

Next steps

Privilege Escalation

Learn privilege escalation across Linux and Windows, from enumeration and automation to two live challenge environments.

Pentesting Methodologies and Reporting

Understand the methodology and reporting behind every professional pentest, from threat modeling and scoping to re-testing fixes.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.

Metasploit and Exploitation