Metasploit Pro

Metasploit Pro

Metasploit Pro is for users who prefer to use a web interface for pen testing. Some features available in Pro are unavailable in Metasploit Framework.

Pro Features not in Metasploit Framework

  • Task Chains
  • Social Engineering
  • Vulnerability Validations
  • GUI
  • Quick Start Wizards
  • Nexpose Integration

If you are a command line user, but still want access to the commercial features, Metasploit Pro includes its very own console, which is very much like msfconsole, except it gives you access to most of the features in Metasploit Pro via the command line.

Metasploit Pro Features

Metasploit Pro offers pen testing features to help you simulate real world attacks, collect data, and remediate found exploits.

Infiltrate

  • Manual Exploitation
  • Anti-virus Evasion
  • IPS/IDS Evasion
  • Proxy Pivot
  • Post-Exploration Modules
  • Session Clean Up
  • Credentials Reuse
  • Social Engineering
  • Payload Generator
  • Quick Pen Testing
  • VPN Pivoting
  • Vulnerability Validation
  • Phishing Wizard
  • Web App Testing
  • Persistent Sessions

Collect Data

  • Import and scan data
  • Discovery Scans
  • MetaModules
  • Nexpose Scan Integration

Remediate

  • Bruteforce
  • Task Chains
  • Exploitation Workflow
  • Session Rerun
  • Task Replay
  • Project Sonar Integration
  • Session Management
  • Credential Management
  • Team Collaboration
  • Web Interface
  • Backup and Restore
  • Data Export
  • Evidence Collection
  • Reporting
  • Tagging Data

Interfaces

Metasploit Pro comes with a web interface and a command line interface. Most features available in the web interface are also available in the command line.

Web Interface

A web interface is available for you to work with Metasploit Pro. To launch the web interface, open a web browser and go to https://localhost:3790. To learn more about the web interface see Using the Metasploit Web Interface.

Pro Console

The Pro Console enables you to interact with Metasploit Pro from the command line. It is similar to the Metasploit Framework console.

Metasploit Framework

The Metasploit Framework is the foundation on which the commercial products are built. It is an open source project that provides the infrastructure, content, and tools to perform penetration tests and extensive security auditing.

There are quite a few resources available online to help you learn how to use the Metasploit Framework; however, we highly recommend that you take a look at the Metasploit Framework Wiki, which is maintained by Rapid7, to ensure that you have the most up to date information available.

Metasploit Architecture

The Metasploit Framework is an open source pen testing and development platform that provides you with access to the latest exploit code for various applications, operating systems, and platforms. You can leverage the power of the Metasploit Framework to create additional custom security tools or write your own exploit code for new vulnerabilities.

Modules

A module is a standalone piece of code, or software, that extends the functionality of the Metasploit Framework. Modules automate the functionality that the Metasploit Framework provides and enables you to perform tasks with Metasploit Pro.

A module can be an:

  • Exploit
  • Auxiliary
  • Payload
  • No operation payload (NOP)
  • Post-exploitation module
  • Encoder

For example, an exploit uses a payload to deliver code to run on another machine. The payload will open a shell or a Meterpreter session to run a post-exploitation module. The encoder will make sure the payload is delivered and no operation payload will make sure the payload size is kept consistent.

Services

Metasploit Pro runs the following services:

  • PostgreSQL - Runs the database that Metasploit Pro uses to store data from a project.
  • Ruby on Rails - Runs the web Metasploit Pro web interface.
  • Pro service - Also known as the Metasploit service, bootstraps Rails, the Metasploit Framework, and the Metasploit RPC server.

What’s Next

Quick Start Guide

Installing Metasploit Pro

About Task Chains

Bruteforce Attacks

About Social Engineering

Get you trial && Download Pro Version

Get you private email here

Get free 14-day Trial here

Download last pro version here

Download hold pro verion here







About

Welcome to 0x1.gitlab.io my personal blog to share my knowledge
Cyber Security, Ethical Hacking, Web & Network Auditing, Reverse Engineering and Cryptography
Website semi-configured to use with No-Script. No ADS and No use analytics tracking.


Contact

Forum : @0x1


© 0x1 | Cyber Security Consulting - Copyright All Rights Reserved