Skip to content

Different types of software:

  • Hydra: password cracker
  • Nmap: port scanning
  • Nessus: vulnerability scanning

Metasploit is framework. To do list:

  1. scan the system for open ports
  2. find the services runing on those ports
  3. check if that service has vulnerabilities
  4. open Metasploit and use "search" to find exploits
  5. fire your exploit and get an AWESOME meterpreter
  6. sit and relax
nmap -sV 192.168.1.102 -vvv
msfconsole
> search 
> use exploit/.../...
> show options
> set RHOST ...
> set RPORT ...
> show options
> run
> help

Metsploitable test machine: intentionally vulnerable Linux virtual machine.

www.rapid7.com/db - Rapid7 vulnerabilities database