Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Network Penetration Testing Toolkit: Netcat, Nmap, and Metasploit Basics

Presentation from Day of Shecurity 2019 familiarizes you with the necessary tools to continue your ethical hacking journey.

Presentation by Kelly Albrink and Cecillia Tran at Day of Shecurity 2019

This presentation introduces you to the top three tools needed to get started in network penetration testing: Nmap, Netcat, and Metasploit.

The presentation covers:

  • Nmap – port scanning, fingerprinting, and NSE scripts
  • Netcat – banner grabbing, bind shells, reverse shells
  • Metasploit – exploits, payloads, handlers, and database usage



Kelly albrink headshot

About the author, Kelly Albrink

Vice President of Delivery, Consulting Security Services

Kelly Albrink (CCNA CyberOps, GCIH, GSEC, OSCP, GWAPT, Sec+) is the Vice President of Delivery for Consulting Security Services at Bishop Fox. In this role, she oversees the delivery of comprehensive security assessments including red teaming, application penetration testing, cloud penetration testing, network penetration testing, and hardware (IoT) security services.

Kelly has presented at numerous Bay Area security events including Okta's inaugural security conference, Okta Rex, Day of Shecurity, and the DeadDrop San Francisco Meetup. She is a recipient of the SANS CyberTalent Immersion Academy scholarship and is an active CTF participant. Kelly has competed in the NetWars Tournament of Champions, a national invite-only competition that admits only those who have placed highly in regional CTFs. As a consultant, Kelly frequently performed hardware and wireless testing, becoming a subject matter expert in this area. She is responsible for identifying a high-risk CVE that impacted an Eaton power management appliance. As the Application Security Practice Director at Bishop Fox, she has helped facilitate the expansion of the practice to focus on security during the design phase. This includes the development of offerings such as architecture security assessments, source code review, and threat modeling. She has also created a consulting mentorship program and led the revamp of an internal knowledge-sharing series of technical talks.

Beyond her professional responsibilities, Kelly is an active member of the security community. She volunteers with her local hackerspace, Noisebridge, where she organizes Infosec Lab Nights and mentors aspiring penetration testers. She holds multiple industry certifications including OSCP, GWAPT, GCIH, GSEC, CCNA CyberOps, and Security+, demonstrating her commitment to continuous learning and professional development in cybersecurity. At the first ever DerpCon, she presented on Software Defined Radio (SDR), a topic she later wrote about for the Bishop Fox blog in "Ham Hacks: Breaking into Software-Defined Radio."

More by Kelly

Default fox headshot purple

About the author, Cecillia Tran

Engagement Manager

Cecillia Tran is a Bishop Fox alumna who was an Engagement Manager during her time at the firm.

More by Cecillia

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.