Last Updated: November 21, 2025
Metasploit
Penetration testing framework
Core Components
| Item | Description |
|---|---|
Exploit
|
Code to exploit vulnerability |
Payload
|
Code to execute on target |
Module
|
Reusable code |
Meterpreter
|
Advanced payload |
Auxiliary
|
Scanning and fuzzing |
Encoder
|
Evade detection |
Basic Commands
| Item | Description |
|---|---|
msfconsole
|
Start Metasploit |
search
|
Find modules |
use exploit/...
|
Select exploit |
set
|
Configure options |
exploit
|
Run exploit |
sessions -l
|
List sessions |
Best Practices
- Only use with authorization
- Start with scanning modules
- Understand exploits before using
- Use Meterpreter for post-exploitation
💡 Pro Tips
Quick Reference
Always get written authorization before testing