Penetration testing

Metasploit Certification Overview

Irfan Shakeel
June 3, 2016 by
Irfan Shakeel

Metasploit, a well-known security framework, it is widely used by information security experts during the penetration testing process for developing and executing the exploits against the target network/machine. Metasploit Framework is an open source project launched by Rapid7; it is one of the world's largest database of public and tested exploits.

Apart from the framework, Rapid7 validates the experts of its product and release certificates. Rapid7 also provides different editions of Metasploit and amongst them; Metasploit PRO is the widely known product because of its system architecture, capability, and the features. The following table shows the advantages of Metasploit PRO:

Earn two pentesting certifications at once!

Earn two pentesting certifications at once!

Enroll in one boot camp to earn both your Certified Ethical Hacker (CEH) and CompTIA PenTest+ certifications — backed with an Exam Pass Guarantee.

Metasploit PRO

Metasploit Express

Community Edition

Metasploit Framework

Express features plus:

  • Wizards for standard baseline audits
  • Task chains for automated custom workflows
  • MetaModules for discrete tasks such as network segmentation testing
  • Dynamic payloads to evade leading anti-virus solutions
  • Full access to an internal network through a compromised machine with VPN pivoting
  • Closed-loop vulnerability validation to prioritize remediation
  • Phishing awareness management & spear phishing
  • Web app testing for OWASP Top 10 Vulnerabilities
  • Choice of advanced command-line (Pro Console) and web interface
  • Integrations via Remote API

Community feature plus:

  • Smart Exploitation
  • Automated Credentials Brute Forcing
  • Baseline Penetration Testing Reports

  • Simple Web Interface
  • Network discovery
  • Import of network scan data
  • Basic Exploitation

  • De-facto standard for penetration testing with more than 1,500 exploits
  • Basic command-line interface
  • Import of network scan data
  • Manual exploitation
  • Manual credentials brute forcing

Rapid7 validates individual experts, and the objective of the exam is to test the ability to use Metasploit PRO effectively and efficiently, this is why the importance of Metasploit PRO outsmarts the others. The title of the certificate is "Metasploit Pro Certified Specialist (MPCS)" and it can be achieved after passing the exam based on Metasploit PRO.

Why Metasploit Certification?

Regardless of geographical boundaries, language barriers and other issues; Metasploit is the common language of all the penetration testers. Experts use and recommend Metasploit for testing the security of networks/system/server around the world. Organizations based in U.S, Europe, Middle East and elsewhere use Metasploit and are willing to hire an expert who understands and uses Metasploit to find the vulnerabilities and give the POC with solutions. It increases the chances to get hired if you become a Metasploit PRO certified specialist. The valuable certificate, Rapid7 itself, provides the evidence of your skillset and distinguishes you from the others. Besides it, you get the chance to learn the advanced pen testing process and methodologies while learning this program. You need to score 80% or above to pass the exam, and the duration of the exam is 2 hours.

Metasploit PRO is the center point of this certificate; the editions of Metasploit can be compared by the following parameters:

  • Navigation and user interface
  • Pentesting capability
  • Vulnerability Verification
  • Reporting
  • Support
  • Parameter Pro Express Community Framework

    Web-based user-friendly interface ü ü ü

    Most commonly used command-line interface ü ü

    Advanced command-line console for PRO version to manage all the activities from a single location and generate a single report ü

    The world's largest public database of exploits ü ü ü ü

    Launch exploit against a single host ü ü ü ü

    Launch a single exploit against multiple hosts in the same environment ü ü ü

    Metasploit automatically selects the exploits that match the found services and devices. Check the reliability of safe testing ü ü

    Metasploit automatically combines and use all the exploits and auxiliary modules against a target ü

    Smartly collect the evidence (screenshots, password, hashes, etc.) from the system ü ü

    Metasploit automatically launches the post-exploitation modules. For example, maintaining the connection, getting the evidence from the host ü

    Get the connection closed re-established. Target closes the system ü

    Launch the brute-force attack against the target host, use the previously capture password and hashes ü ü

    Conduct a social engineering test by sending phishing email with attachment or redirect the target to the website containing exploits ü

    Conduct OWASP top 10 test against a web application ü

    Bypass IDS and IPS ü

    Bypass antivirus solutions using dynamic payloads ü

    VPN-pivoting to get layer-2 access via compromised machine ü

    Integrate Metasploit with Nexpose and third party scanners ü ü ü ü

    Start Nexpose within the system and get the result automatically imported ü ü ü

    Put tags and send the exploitable vulnerabilities back to the Nexpose for follow-up ü

    Test the target after remediation to validate the exploit ü ü

    Automatically create the penetration testing report with all the information of audit and compromised hosts detail. ü ü

    Create advanced report, social engineering test, web application test, and compliance test as well. ü

    Community support ü ü ü ü

    Rapid7 24/7 email and phone support ü ü

    The above comparison clearly shows the advantages of Metasploit PRO, since social engineering is the real danger organizations are facing, and Metasploit PRO has the capability to conduct a social engineering test. During the exam, you will be asked about social engineering, so Metasploit PRO will help you be prepared.

    There are plenty of tutorials and guides are available on the internet, and most of them only focus on the Metasploit framework. Don't misunderstand the certificate with Metasploit framework, as the title says "Metasploit PRO Certified Specialist" and in the exam, they ask questions that are beyond the horizons of other editions than Metasploit PRO. So learning Metasploit PRO is not only the essential but the only way to prepare yourself for the exam. Few important topics to learn for the exam:

    Become a Certified Ethical Hacker, guaranteed!

    Become a Certified Ethical Hacker, guaranteed!

    Get training from anywhere to earn your Certified Ethical Hacker (CEH) Certification — backed with an Exam Pass Guarantee.

    • Navigating the GUI (most of the versions)
    • Network scanning (more or less every version does)
    • Maintaining access and privilege escalation (Metasploit PRO)
    • Web application pen testing (Metasploit PRO)
    • Social engineering (Metasploit PRO)
    • Pass the hash and pivoting (Metasploit PRO)
    • Automated exploitation and brute forcing (Metasploit PRO)
    • Metasploit PRO product awareness and its features (Metasploit PRO)

    During the exam, you will be demonstrating your skillset using Metasploit PRO, so get the software learn and practice it before taking the exam.

    Irfan Shakeel
    Irfan Shakeel

    Irfan Shakeel is the founder & CEO of ehacking.net An engineer, penetration tester and a security researcher. He specializes in Network, VoIP Penetration testing and digital forensics. He is the author of the book title “Hacking from Scratch”. He loves to provide training and consultancy services, and working as an independent security researcher.