Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Network Penetration Testing Toolkit: Netcat, Nmap, and Metasploit Basics

Presentation from Day of Shecurity 2019 familiarizes you with the necessary tools to continue your ethical hacking journey.

Download Workshops & Training

Presentation by Kelly Albrink and Cecillia Tran at Day of Shecurity 2019

This presentation introduces you to the top three tools needed to get started in network penetration testing: Nmap, Netcat, and Metasploit.

The presentation covers:

  • Nmap – port scanning, fingerprinting, and NSE scripts
  • Netcat – banner grabbing, bind shells, reverse shells
  • Metasploit – exploits, payloads, handlers, and database usage


Kelly albrink headshot

About the author, Kelly Albrink

Vice President of Delivery, Consulting Security Services

Kelly Albrink (CCNA CyberOps, GCIH, GSEC, OSCP, GWAPT, Sec+) is the Vice President of Delivery for Consulting Security Services at Bishop Fox. In this role, she oversees the delivery of comprehensive security assessments including red teaming, application penetration testing, cloud penetration testing, network penetration testing, and hardware (IoT) security services.

Kelly has presented at numerous Bay Area security events including Okta's inaugural security conference, Okta Rex, Day of Shecurity, and the DeadDrop San Francisco Meetup. She is a recipient of the SANS CyberTalent Immersion Academy scholarship and is an active CTF participant. Kelly has competed in the NetWars Tournament of Champions, a national invite-only competition that admits only those who have placed highly in regional CTFs. As a consultant, Kelly frequently performed hardware and wireless testing, becoming a subject matter expert in this area. She is responsible for identifying a high-risk CVE that impacted an Eaton power management appliance. As the Application Security Practice Director at Bishop Fox, she has helped facilitate the expansion of the practice to focus on security during the design phase. This includes the development of offerings such as architecture security assessments, source code review, and threat modeling. She has also created a consulting mentorship program and led the revamp of an internal knowledge-sharing series of technical talks.

Beyond her professional responsibilities, Kelly is an active member of the security community. She volunteers with her local hackerspace, Noisebridge, where she organizes Infosec Lab Nights and mentors aspiring penetration testers. She holds multiple industry certifications including OSCP, GWAPT, GCIH, GSEC, CCNA CyberOps, and Security+, demonstrating her commitment to continuous learning and professional development in cybersecurity. At the first ever DerpCon, she presented on Software Defined Radio (SDR), a topic she later wrote about for the Bishop Fox blog in "Ham Hacks: Breaking into Software-Defined Radio."

More by Kelly
Default fox headshot purple

About the author, Cecillia Tran

Engagement Manager

Cecillia Tran is a Bishop Fox alumna who was an Engagement Manager during her time at the firm.

More by Cecillia

Extend Your Knowledge

Check out these related resources.

Bfx25 2025 Q3 Guide LLM Vuln Research
Guide

LLM-Assisted Vulnerability Research

Explore Bishop Fox's experimental research into applying Large Language Models to vulnerability research and patch diffing workflows. This technical guide presents methodology, data, and insights from structured experiments testing LLM capabilities across high-impact CVEs, offering a transparent look at where AI shows promise and where challenges remain.

Learn More
Red Team Readiness Guide - Key questions to ask before a red team engagement. Bishop Fox resource for assessing cybersecurity preparedness.
Guide

Red Team Readiness Guide

The Red Team Readiness Guide is a practical, question-driven planning framework that helps security leaders align stakeholders, clarify objectives, and evaluate organizational readiness ahead of a Red Team engagement. Use it to avoid common pitfalls, define business-relevant goals, and set the stage for maximum impact.

Learn More
Bishop Fox solution brief on AI security testing for large language models (LLMs), featuring human-led adversarial prompt testing, social engineering techniques, and expert methodologies to assess and secure intelligent systems.
Solution Brief

The Human Element of AI Security Solution Brief

Learn how expert-driven testing goes beyond automation to thoroughly assess AI and LLM applications with techniques grounded in human behavior and social engineering.

Learn More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.