- Metasploit project is a Ruby-based modular pentesting platform
- enables you to write, test, and execute exploit code
- exploit code can be custom written or pulled from a db
- Swiss-Army knife with enough tools to exploit most common, unpatched vulns
- split into two versions: Metasploit Pro and MSF
- MSF includes a suite of tools to test security vulns, enumerate networks, execute attacks, and evade detection
- `msfconsole` is an "all-in-one" centralized console and gives you efficient access to virtually all options available in the MSF
- Metasploit Pro includes task chains, social engineering, vuln validation, a GUI, quick start wizards, and Nexpose integration as compared to MSF
- Metasploit Pro includes its own version of `msfconsole`
- modules are exploit PoCs that have already been developed, tested, and integrated within the MSF for easy access

## MSF Architecture

- all base files are found in `/usr/share/metasploit-framework`

![[images/Pasted image 20251003160908.png]]

- plugins offer additional flexibility when using `msfconsole`, since they can easily be loaded manually or automatically as needed
- modules are located in categorized folders within `/usr/share/metasploit-framework/modules`

![[images/Pasted image 20251003161047.png]]

- `msfconsole` is an interactive sub-shell that provides access to MSF

![[images/Pasted image 20251003193448.png]]

- `msfconsole -q` launches `msfconsole` in quiet mode, i.e. without the ASCII splash page
- `sudo apt update && sudo apt install metasploit-framework` installs MSF
- once in `msfconsole`, type `help` to show the available commands

## MSF Engagement Structure

- Enumeration
  - service validation: passive + active scanning
  - vuln research
- Preparation
  - code auditing
  - dependency check
  - importing custom modules
- Exploitation
  - run module locally
  - set parameters
  - run
- Privilege Escalation
  - vuln research
  - creds gathering
  - token impersonation
- Post-Exploitation
  - pivoting to another system
  - creds gathering
  - data exfil
  - cleanup
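The module tree under `/usr/share/metasploit-framework/modules` is split by category (`exploits`, `auxiliary`, `post`, `payloads`, `encoders`, `nops`, `evasion`), and that same layout is what a custom module has to follow before MSF will load it. The script below is an added example written for these notes, not part of Metasploit itself: it counts the `.rb` module files per category under a given root, and builds a small constructed tree in a temp directory so it can be run offline. The module root defaults to the path from the notes; the file names in the demo tree are made up.

```shell
#!/bin/sh
# Added example (not Metasploit's own code): summarize the MSF module tree by category.

# Count .rb module files under one category directory, recursively.
# Prints 0 when the category directory does not exist.
count_modules() {
  root="$1"
  category="$2"
  if [ ! -d "$root/$category" ]; then
    echo 0
    return
  fi
  find "$root/$category" -type f -name '*.rb' | wc -l | tr -d ' '
}

# Print a per-category summary for a module root.
# Defaults to the base install path mentioned in the notes.
module_summary() {
  root="${1:-/usr/share/metasploit-framework/modules}"
  for category in exploits auxiliary post payloads encoders nops evasion; do
    printf '%-10s %s\n' "$category" "$(count_modules "$root" "$category")"
  done
}

# Build a constructed tree that mirrors the MSF layout, so the script
# runs offline. All module names here are placeholders, not real modules.
make_demo_tree() {
  tmp="$(mktemp -d)"
  mkdir -p "$tmp/exploits/linux/http" \
           "$tmp/auxiliary/scanner/smb" \
           "$tmp/post/windows/gather"
  : > "$tmp/exploits/linux/http/placeholder_a.rb"
  : > "$tmp/exploits/linux/http/placeholder_b.rb"
  : > "$tmp/auxiliary/scanner/smb/placeholder_scanner.rb"
  : > "$tmp/post/windows/gather/placeholder_gather.rb"
  echo "$tmp"
}

# Stand-alone run: summarize the constructed tree, then clean it up.
demo="$(make_demo_tree)"
module_summary "$demo"
rm -rf "$demo"
```

Run it as-is to see the demo counts, or call `module_summary` with no argument on a host where MSF is installed to see the real numbers. Custom modules written during the Preparation phase go under `~/.msf4/modules/` in the same `<category>/<platform>/...` layout, and `reload_all` inside `msfconsole` picks them up without restarting.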