Pass The Hash – Bonus Video: Certified Metasploit Framework Professional Course

Pass The Hash – Bonus Video: Certified Metasploit Framework Professional Course

Henry Dalziel | Concise Courses | December 2, 2014

Just to let y’all know that we have added another video to the “Certified Metasploit Framework Professional Course”. This course has been online for several months now and the uptake has been very positive.

The BONUS video that has been added is titled: “Pass The Hash” and it’s an 18 minute long professionally recorded video explaining the processes and concept of Hashing and how they are applied within a hacking and cybersecurity perspective.

The course, authored by the folks behind Top Hat Sec, contains the following modules and course sections:

The BONUS video is the last one added to the below Metasploit Course Syllabus


  • 1.0 Introduction
  • 1.1 Prereqs
  • 1.2 VMware – Virtualbox
  • 1.3 Network Configuration
  • 1.3 Network Configuration
  • 1.4 Starting Metasploit
  • 1.5 Using NMAP
  • 1.6 Importing Nmap
  • 1.7 Running Modules
  • 1.8 Host Discovery Extras
  • 1.9 Host Discovery Extras 2
  • 1.9.1 Alternative Fingerprinting
  • 1.9.2 Exploits & Payloads
  • 1.9.3 Shells


  • 2.0 Meterpreter
  • 2.1 Meterpreter Must Know Commands
  • 2.2 Password Hashes
  • 2.3 Password Hashes 2
  • 2.4 Sniffer
  • 2.5 Remote Viewing
  • 2.6 Keylogger
  • 2.7 Execute Command
  • 2.8 Firewall
  • 2.9 Antivirus
  • 2.9.1 Msfpayload part 1
  • 2.9.2 Msfpayload part 2
  • 2.9.3 Msfpayload part 3


  • 3.0 Adobe
  • 3.1 Java
  • 3.2 Apache /var/www/
  • 3.3 Payload Service
  • 3.4 Payload Persistence
  • 3.5 Resources Cleanup
  • 3.6 Netcat Backdoor
  • 3.7 Writing Scripts
  • 3.8 Meterpreter Scripts
  • 3.9 Encoder Options
  • 3.9.1 Nessus
  • 3.9.2 NeXpose


  • 4.0 GNS3 Pivot
  • 4.1 Windows 7
  • 4.2 Windows 8.1
  • 4.3 Linux


  • 4.4 Bonus – Armitage
  • 4.5 Bonus – NMAP extras
  • 4.6 Metasploit Over The Internet
  • 4.7 Bonus – Android
  • 4.8 Pass The Hash!

About ‘Pass the Hash”

In cybersecurity the term “Pass the Hash” refers to a (relatively) commonly exploited hacking technique that will allow an attacker to authenticate (or access) a remote server or shell by applying the underlying NTLM or LanMan hash of an authorized user’s password.

About Metasploit

Metasploit, or the Metasploit Framework, is a very common Penetration Testing (Hacking Tool) that applies steps that can be implemented to exploit a computer system or network. These steps (which form part of the ‘Framework’) include:

  • Being able to select and configure exploit code that will try to penetrate a system by taking advantage of a known bugs
  • Optionally the hacker (Ethical Hacker) can check to see whether the intended target system is susceptible to the chosen exploit (or known bug/ vulnerability)
  • Selecting and configuring a payload (specific code that will be executed on the target system upon successful penetration; for instance, a remote shell or Hashing
  • Selecting the encoding technique so that the intrusion-prevention system (IPS) ignores the encoded payload.
  • Finally, being able to execute the exploit.

The Metasploit Framework allows the combination of any exploit to be associated within any specific payload.

To be able to master Metasploit is an awesome achievement and will clearly set you up for success in your quest to become a professional penetration tester or ethical hacker.

About the course: Certified Metasploit Framework Professional

You can learn more about the course here, but in summary the Certified Metasploit Framework Professional (CMFP) is a video-based self study course. The course has 4 modules, and has been aimed at beginners and intermediate Metasploit users.

After registering for this course, you will receive access to the entire video course that covers basic to advanced Metasploit concepts and methods. Learn skills to help you compete in Capture The Flag events and get CMFP Certification after you pass the CMFP test!

Leave a comment or reply below...thanks!