Author: S J

Payload, in simple terms, are simple scripts that the hackers utilize to interact with a hacked system. Using payloads, they can transfer data to a victim system. Metasploit payloads can…

After vulnerability scanning and vulnerability validation, we have to run and test some scripts (called exploits) in order to gain access to a machine and do what we are planning to…

In this chapter, we will learn how to validate the vulnerabilities that we have found from vulnerability scanners like Nexpose. This process is also known as vulnerability analysis. As shown in…

A vulnerability is a system hole that one can exploit to gain unauthorized access to sensitive data or inject malicious code. Metasploit, like all the others security applications, has a vulnerability scanner which is…

Metasploit is a powerful security framework which allows you to import scan results from other third-party tools. You can import NMAP scan results in XML format that you might have…

Task Chains is a feature found in the Metasploit Pro version which helps us to schedule tasks and execute them. It is generally used for processes that run periodically, for…

The first phase of penetration involves scanning a network or a host to gather information and create an overview of the target machine. Discovery Scan is basically creating an IP list…

A vulnerable target is a machine or device with an unpatched security hole. It makes the host vulnerable, which is the target in this case. For testing purpose, Rapid7 has…

Pro Console is a commercial console version of Metasploit. It is available for Linux, Microsoft OS, and OSX. Metasploit Pro can help penetration testers to − Leverage the Metasploit open…

In this chapter, we will see how to use the Armitage GUI for Metasploit. Armitage is a complement tool for Metasploit. It visualizes targets, recommends exploits, and exposes the advanced post-exploitation features.…