T4QI
T4QI

Metasploit Inroduction

18 May 2025 • 2 min read

What is Metasploit?

**The Metasploit Framework is a set of tools that allow information gathering, scanning, exploitation, exploit development, post-exploitation, and more. While the primary usage of the Metasploit Framework focuses on the penetration testing domain, it is also useful for vulnerability research and exploit development.

Main Components

  1. **msfconsole
  2. **modules
  3. **tools

Things to know about Metasploit

  1. **Auxiliary
    BASH

/opt/metasploit-framework/embedded/framework/modules# tree -L 1 auxiliary/

TEXT 
2. **Encoders : to encode exploits to bypass signature based anti-virus
```bash
/opt/metasploit-framework/embedded/framework/modules# tree -L 1 encoders/
  1. **Evasion
BASH 
/opt/metasploit-framework/embedded/framework/modules# tree -L 2 evasion/
  1. **Exploits
BASH 
/opt/metasploit-framework/embedded/framework/modules# tree -L 1 exploits/
  1. **NOPS : No operation used to make payloads with consistent size
BASH 
/opt/metasploit-framework/embedded/framework/modules# tree -L 1 nops/
  1. **Payloads: They are four types
BASH 
/opt/metasploit-framework/embedded/framework/modules# tree -L 1 payloads/
1. Adapters: can adapt a payload to different formats. powershell so the payload could be excuted with one command
2. Singels: self-contained payloads doesn't need a downloadable to run
3. Stagers: Responsible to set up connection between metasploit and target machine then downloads stage payload.
4. Stage: Allow large payload sizes
  1. **Post : Post-Exploitation Module
BASH 
/opt/metasploit-framework/embedded/framework/modules# tree -L 1 post/

Start searching

Enter keywords to search articles.

↑↓ Navigate
Select
ESC Close
CtrlK Shortcut