**The Metasploit Framework is a set of tools that allow information gathering, scanning, exploitation, exploit development, post-exploitation, and more. While the primary usage of the Metasploit Framework focuses on the penetration testing domain, it is also useful for vulnerability research and exploit development.
Main Components
- **msfconsole
- **modules
- **tools
- **Auxiliary
/opt/metasploit-framework/embedded/framework/modules# tree -L 1 auxiliary/
1
2
3
| 2. **Encoders : to encode exploits to bypass signature based anti-virus
```bash
/opt/metasploit-framework/embedded/framework/modules# tree -L 1 encoders/
|
- **Evasion
1
| /opt/metasploit-framework/embedded/framework/modules# tree -L 2 evasion/
|
- **Exploits
1
| /opt/metasploit-framework/embedded/framework/modules# tree -L 1 exploits/
|
- **NOPS : No operation used to make payloads with consistent size
1
| /opt/metasploit-framework/embedded/framework/modules# tree -L 1 nops/
|
- **Payloads: They are four types
1
| /opt/metasploit-framework/embedded/framework/modules# tree -L 1 payloads/
|
1. Adapters: can adapt a payload to different formats. powershell so the payload could be excuted with one command
2. Singels: self-contained payloads doesn't need a downloadable to run
3. Stagers: Responsible to set up connection between metasploit and target machine then downloads stage payload.
4. Stage: Allow large payload sizes
- **Post : Post-Exploitation Module
1
| /opt/metasploit-framework/embedded/framework/modules# tree -L 1 post/
|