Metasploit for website pentest

Post author:jonathansblog
Post published:February 13, 2019
Post category:jonathansblog / Kali Linux / Metasploit / Pentest
Post comments:1 Comment

msfconsole

Once msfconsole has started and loaded all the modules and dependancies, you will meet with a splash screen in your terminal – the splash screens are random, so don’t worry if you see a different one when yours starts up:

This is msfconsole. Msfconsole is the main command line interface to MetaSploit. There are other interfaces available – GUI interfaces (armitage), and a web interface too (websploit). With msfconsole you can launch exploits, create listeners, configure payloads etc – its always useful to learn the commandline version as its the quickest way to assemble a database of targets for later analysis.

Pages: 1 2 3 4 5 6 7 8 9 10 11 12

Tags: Address, App, Book, Command, Connect, Default, Directory, Display, Error, File, Image, Index, Launch, Link, List, Local, metasploit, Mini, Multi, Multiple, Php, Scan, Screen, Server, Terminal, Text, Time, Tools, Tutorial, Url, Virtual, Vulnerability, Web, Website, Work

This Post Has One Comment

Will Meek September 10, 2019 Log in to Reply

Great writeup Jonathan!

Only caveat I found was that the url needed to be an IP, even though sites are resolved to IPs.

And File/Dir testing at the ‘404’ stage takes forever! :)

You Might Also Like

M-business Security Threats

How to use metasploit to scan for vulnerabilities

zmap on a local network

This Post Has One Comment

Leave a ReplyCancel reply