Metasploit Framework - The best Pentesting Framework in the world

About Metasploit Framework

   Metasploit is a penetration testing platform that enables you to find, exploit, and validate vulnerabilities. It provides the infrastructure, content, and tools to perform penetration tests and extensive security auditing and thanks to the open source community and Rapid7’s own hard working content team, new modules are added on a regular basis, which means that the latest exploit is available to you as soon as it’s published.

   Author: Rapid7
   License: BSD-3-clause

Install on Linux
 * Debian: sudo apt install metasploit-framework
 * Fedora: sudo yum install metasploit-framework

Install on Windows
   Notes: Run with Administrator, Disable Firewalls and Antivirus

   Download Metasploit for Windows here

Tools included in the metasploit-framework package
   msfconsole – The primary interface of the Metasploit Framework

   msfd – Provides an instance of msfconsole that remote clients can connect to
root@kali:~# msfd -h

Usage: msfd

OPTIONS:

    -A  Specify list of hosts allowed to connect
    -D  Specify list of hosts not allowed to connect
    -a  Bind to this IP address instead of loopback
    -f        Run the daemon in the foreground
    -h        Help banner
    -p  Bind to this port instead of 55554
    -q        Do not print the banner on startup
    -s        Use SSL


   msfdb – Manages the Metasploit Framework database
root@kali:~# msfdb

Manage a metasploit framework database

  msfdb init    # initialize the database
  msfdb reinit  # delete and reinitialize the database
  msfdb delete  # delete database and stop using it
  msfdb start   # start the database
  msfdb stop    # stop the database


   msfrpc – Connects to an RPC instance of Metasploit
root@kali:~# msfrpc -h

Usage: msfrpc

OPTIONS:

    -P  Specify the password to access msfrpcd
    -S        Disable SSL on the RPC socket
    -U  Specify the username to access msfrpcd
    -a  Connect to this IP address
    -h        Help banner
    -p  Connect to the specified port instead of 55553


   msfrpcd – Provides an RPC interface to Metasploit
root@kali:~# msfrpcd -h

Usage: msfrpcd

OPTIONS:

    -P  Specify the password to access msfrpcd
    -S        Disable SSL on the RPC socket
    -U  Specify the username to access msfrpcd
    -a  Bind to this IP address
    -f        Run the daemon in the foreground
    -h        Help banner
    -n        Disable database
    -p  Bind to this port instead of 55553
    -t  Token Timeout (default 300 seconds
    -u  URI for Web server


   msfvenom – Standalone Metasploit payload generator


Metasploit Framework Usage Examples https://asciinema.org/a/118945

   One of the best sources of information on using the Metasploit Framework is Metasploit Unleashed, a free online course created by Offensive Security. Metasploit Unleashed guides you from the absolute basics of Metasploit all the way through to advanced topics.

Read more: Metasploit Pro User Guide