✔️ Metasploit's basic usage

✔️ How to configure and launch an exploit to get a Meterpreter shell

PRO TIP: UPDATE THE INFO ONCE YOU GET NEW INFO FROM EXPLOITATIONS

help

there are two areas:

Core Commands

...

Database Commands

...

Scanning networks:

msf> search arp
msf> use arp_sweep

set options RHOSTS to the current network to scan

Port scan:

msf> search port scan
msf> use tcp

set RHOSTS with the hosts that are up

better use nmap only 🤦🏾‍♂️

nmap -A <hosts list>

Vulnerability Scanning

example: to check smb vulnerability

nmap --script smb-check-vulns.nse --script-args=unsafe=1 <host>

Exploitation