✔️ Having a wide array of attacks at your disposal

✔️ Ability to automate your own exploits

MSFconsole

Metasploit has a web interface, command line interface, and console interface (MSFconsole)

basic workflow to use metasploit:

1. Identify a vulnerable service
2. Search for a proper exploit for that service
3. Load and configure the exploit
4. Load and configure the payload you want to use
5. Run the exploit code and get access to the vulnerable machine

• Exploit vs Payload

msfconsole
msf> show -h

Identifying a Vulnerable Service

make sure to identify a vulnerable service before exploiting

this means you have to do the vulnerability assessment thoroughly before moving on to the exploitation phase

Searching

Metasploit contains exploit code and other features in modules

search modules using:

msf> search <module name>

Configuring an exploit