Metasploit was made by H.D Moore back in 2003. It is a framework which was made to bring all the features together so as to make it easier for a professional to access everything with a single command. It contains all the tools from information gathering to maintaining access on a system. Not only tools but it also provide different interfaces with different functionalities:
- Msfconsole – Handy interface which is the most popular one.
- Msfcli– provide scripting and interpretable environment with other console tools. Runs directly from the command line.
- Armitage– A total Graphical interface framework.
Tools:
-
Msfpayload – Used to generate shellcodes
- MSfencode- used to encode the payload to pass through IDS/ Antiviruses.
Combining both of these tools later in 2015, A new utility came called msfvenom, which provides generation of payload and also encode it with different schemes.
- Nasm Shell – Used for identifying assembly instruction opcodes.
What it allows you to do:
- Create a work-space of your own to store all your target information
- Gather information about a target
- Scanning for vulnerable services of the target
- creation of your own code
- Exploitation of the target
- Maintaining access with the target – Meterpreter – A post exploitation tool, which injects a DLL so as to create a process to control the system remotely.
- Handling the target