Platform
- TECHNOLOGY
  The Rapid7 Command Platform
  AI-Powered Cybersecurity Platform
  Explore
Products
- NEW!
  Exposure Command
  Take Command of Your Attack Surface
  Request Demo
- DETECTION & RESPONSE
- Next-Gen SIEM
  INSIGHTIDR
- Threat Intelligence
  THREAT COMMAND
Services
- MXDR
  Managed Threat Complete
  24x7 MXDR to secure your extended ecosystem
  Request Demo
- DETECTION & RESPONSE
- Managed XDR
  MANAGED THREAT COMPLETE
- Incident Response Services
  EXPERIENCING A BREACH?
Resources
- NEW
  The 2024 Attack Intelligence Report
  Read the latest research by Rapid7 Labs
  READ NOW
Company
Partners
Sign In

Documentation

Metasploit

Platform
- TECHNOLOGY
  The Rapid7 Command Platform
  AI-Powered Cybersecurity Platform
  Explore
Products
- NEW!
  Exposure Command
  Take Command of Your Attack Surface
  Request Demo
- DETECTION & RESPONSE
- Next-Gen SIEM
  INSIGHTIDR
- Threat Intelligence
  THREAT COMMAND
Services
- MXDR
  Managed Threat Complete
  24x7 MXDR to secure your extended ecosystem
  Request Demo
- DETECTION & RESPONSE
- Managed XDR
  MANAGED THREAT COMPLETE
- Incident Response Services
  EXPERIENCING A BREACH?
Resources
- NEW
  The 2024 Attack Intelligence Report
  Read the latest research by Rapid7 Labs
  READ NOW
Company
Partners

Sign In

Documentation
Metasploit
Release Notes

Docs Menu

Welcome

Quick Start Guide
Getting Started
Metasploit Basics
Getting Support
- Submitting a Request for Enhancement
Rapid7's End of Life Policy

Installing Metasploit

Installing Metasploit Pro
- System Requirements
Setting Up a Vulnerable Target
- Metasploitable 2
- Metasploitable 2 Exploitability Guide

Discovery

Discovery Scan
Importing Data
- Importing Project Sonar
Vulnerability Scanning with Nexpose
Tracking Real-Time Statistics and Events

Validate Vulnerabilities

Validating a Vulnerability
Working with the Vulnerability Validation Wizard
Validating Vulnerabilities Discovered by Nexpose
Sharing Validation Results with Nexpose

Exploitation

Listener
Using Exploits
Skipping Fragile Devices

Payloads

Working with Payloads
The Payload Generator

Post-exploitation

About Post-Exploitation
Manage Meterpreter and Shell Sessions
Meterpreter getsystem

Credentials

Understanding Credentials
Managing Credentials
Reusing Credentials
Searching Credentials
Bruteforce Attacks
- Understanding Bruteforce Findings

Social Engineering

About Social Engineering
Create a New Campaign
Create a Custom Campaign
Managing Campaigns
Review Your Findings
Managing Target Lists
Uploading Custom SSL Certificates
Modifying the SSL Cipher for Web Servers
Best Practices for Social Engineering

Automating Tasks

About Task Chains
Create a Task Chain
Managing and Editing Task Chains
Scheduling Task Chains
Resource Scripts

Reporting

About Reports
Customizing Standard Reports
Working with Custom Templates
About MetaModule Reports

Logs

Accessing Logs
Rotating Logs
Exporting Logs
Find Recently Changed Logs

MetaModules

Credentials Domino MetaModule
- Understanding the Credentials Domino MetaModule Findings
Single Credential Testing MetaModule
SSH Key Testing MetaModule
Known Credentials Intrusion MetaModule
Segmentation and Firewall Testing MetaModule

Tutorials

Passing the Hash Tutorial
Testing a Single Credential Tutorial
Credentials Tutorial

Metasploit Pro Web Interface

Using the Metasploit Web Interface
The Projects Page
The Analysis Page
The Sessions Page
The Campaign Page
The Modules Page
The Tasks Page
The Administration Page

Managing Projects

Creating and Managing Projects
Exporting Project Data
Team Collaboration

Hosts

Managing Hosts

Managing and Updating Metasploit

Managing User Accounts
Managing License Keys
Verifying Downloads with SHA-1 Hashes
Backing Up and Restoring Metasploit Data
Notification Center
Updating Metasploit
Restarting Metasploit Services
Uninstalling Metasploit
Replacing the SSL Certificate
Set Up a Global SMTP Server
Reset Username and Password

Pro Console

About the Pro Console
Auto-Exploitation
Exporting and Importing Data
Managing Credentials
Managing the Database from the Pro Console
Managing Notes
Managing Tasks
Managing Vulnerabilities
Manual Exploitation
Managing Metasploit
Working with Projects
Pro Console Reports
Scanning and Managing Hosts

Troubleshooting

Unable to Connect
Does Pro include Framework as well?
How Are Logins Created?
Project Report Taking a Long Time
Exploit Has Been Running for a Long Time
Installation Troubleshooting
Update Troubleshooting
Administration Troubleshooting
Database Troubleshooting
Payloads Troubleshooting
- Encoded Payloads Don"t Bypass Anti-virus
- Getsystem Command
Social Engineering Troubleshooting
Nexpose Troubleshooting
Bruteforce Attacks Troubleshooting
- What Happens When a Credential Fails?
- Bruteforce Attack Is Not Working

Metasploit Framework

Metasploit Framework
Installing the Metasploit Framework
Managing the Database
Managing Workspaces
Modules
Running Metasploit Remotely
Tagging Hosts in msfconsole

Using APIs

Standard API Methods
- Standard API Methods Reference
Pro API Methods Reference
REST API
- REST API Endpoints
RPC API
- Sample Usage of the RPC API

Release Notes

Metasploit release notes