Metasploit
is the renowned Penetration testing framework created by H. D. Moore
in 2003, metasploit was created to hack into computer systems for
testing purpose. Metasploit can be used for following purposes:
is the renowned Penetration testing framework created by H. D. Moore
in 2003, metasploit was created to hack into computer systems for
testing purpose. Metasploit can be used for following purposes:
-
Validate
security risks as part of your vulnerability management program. -
Safely
simulate attacks on your network to uncover security issues. -
Verify
your defenses, security controls and mitigation efforts. -
Measure
the effectiveness of your security awareness program. - Audit password security
beyond Windows and Linux logins.
Metasploit
Community Edition provides us with a graphical user interface (GUI)
that simplifies network discovery and vulnerability verification for
specific exploits, increasing the effectiveness of vulnerability
scanners such as Nessus, Nexpose, and so forth.
Community Edition provides us with a graphical user interface (GUI)
that simplifies network discovery and vulnerability verification for
specific exploits, increasing the effectiveness of vulnerability
scanners such as Nessus, Nexpose, and so forth.
Features
Metasploit Community Edition
enables us to:
- Map out our network –
Host identification, port scanning and OS fingerprinting.
- Integrate with other
vulnerability scanners – Import data from Nessus, NMAP, and other
solutions. In addition, Nexpose scans can be initiated from within
Metasploit Communication Edition.
- Find the right exploit –
With the world’s largest quality-assured exploits, finding the right
exploit is just seconds away!
- Verify remediation – Do
you think your host has been patched against a specific
vulnerability? Fire an exploit and find out!
- And the best part?
Metasploit Community Edition is provided to the InfoSec Community
FREE of charge.
How
to Configure Metaploit GUI in Kali Linux
-
On
the first step, download the community version from Rapid7 website -
Get
the activation code via your email -
Open
the terminal and locate the directory where you have download the
GUI before -
Make
the program executable and then start the installation process by
using following commands:
chmod
+x metasploit.run
./metasploit.run
-
Follow
the simple installation process, use the default ports -
Kali linux comes with a metaspoit folder by default, so it recommended to
create another directory for metasploit GUI (to avoid any possible
conflicts) -
Use
the server name as localhost (127.0.0.1)
-
After
installation process, click on Application ? Kali Linux ? System
services ? Metasploit ? Community / pro start -
Open
your favorite browser and then open this URL
(https://localhost:3790/) -
Enter
the activation code -
You
are in 🙂
Activation
is successful, now you can scan the target network and get the
vulnerabilities of the computers attached with it. There are many
other things that could be done, like Nessus and Nexpose integration
with metasploit and we will discuss every aspect of it. The next
article of this series will cover the scanning part.
is successful, now you can scan the target network and get the
vulnerabilities of the computers attached with it. There are many
other things that could be done, like Nessus and Nexpose integration
with metasploit and we will discuss every aspect of it. The next
article of this series will cover the scanning part.