The Metasploit Framework is a penetration testing framework that contains many tools (port scanners, vulnerability scanners, exploits, etc.). We will now start with the most important step in penetration testing.

Information Gathering

The first and most important step in penetration testing is information gathering: collecting as much information as possible about a target. The information you collect must be accurate.
Information gathering is of 2 types:
1- Passive Information Gathering: collecting information without touching the target, for example using
A- Google (or any other search engine)
B- whois
C- nslookup
D- netcraft
2- Active Information Gathering: collecting information by touching the target, for example using nmap.

Using nmap in Metasploit 

First confirm that Metasploit is connected to its database (scan results are dumped into it) with the db_status command; the result must be "postgresql connected to msf3".

Some Nmap options:
-oX –> Export a report (XML output)
-sI –> Scan targets stealthily by spoofing the source IP address via an idle host (idle scan)
-A –> Banner grabbing
-sS –> Stealth TCP port scan (SYN scan)
-Pn –> Don't use ICMP (don't ping)

msf> db_nmap -sS

[*] Nmap: Starting Nmap 6.25 ( ) 
[*] Nmap: Nmap scan report for root (
[*] Nmap: Host is up (0.000012s latency).
[*] Nmap: Not shown: 994 closed ports
[*] Nmap: 22/tcp   open  ssh
[*] Nmap: 3001/tcp open  nessus
[*] Nmap: 5432/tcp open  postgresql
[*] Nmap: 5900/tcp open  vnc
[*] Nmap: 9050/tcp open  tor-socks
[*] Nmap: 9091/tcp open  xmltec-xmlmail
[*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 2.23 seconds

Note: Metasploit uses a PostgreSQL database to store your results (nmap results, Nessus results, …).
To get the results in detail, use the hosts command:

address  mac                name  os_name               os_flavor  os_sp  purpose
-------  ---                ----  -------               ---------  -----  -------
         00:22:68:31:93:b0        Unknown                                 device
         00:16:e6:64:5d:d1        Unknown                                 device
                                  Microsoft Windows XP             SP2    client
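The -oX option above writes the scan as XML, and the hosts table is what Metasploit builds from that data. The following is an added example (not code from the tutorial or from the Metasploit project) that parses an Nmap -oX report with Python's standard xml.etree module and renders a hosts-style table plus a services list, the same view db_nmap gives you after importing a scan. The XML document is constructed to mirror the scan output shown above; the IP addresses in it are placeholders, and the MAC address, hostname and OS match are taken from the tutorial's output.

```python
"""Parse an Nmap XML report (the format written by -oX) into the kind of
hosts / services summary that Metasploit's `hosts` and `services` commands
show after db_nmap.

Added example, not part of the original tutorial or the Metasploit project.
The XML below is constructed to mirror the scan output in the tutorial; the
IP addresses in it are placeholders.
"""
import xml.etree.ElementTree as ET

# Constructed sample report in Nmap's -oX format (placeholder IP addresses).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sS -oX scan.xml 192.0.2.10" version="6.25">
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <address addr="00:22:68:31:93:b0" addrtype="mac"/>
    <hostnames><hostname name="root" type="PTR"/></hostnames>
    <ports>
      <extraports state="closed" count="994"/>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="3001"><state state="open"/><service name="nessus"/></port>
      <port protocol="tcp" portid="5432"><state state="open"/><service name="postgresql"/></port>
      <port protocol="tcp" portid="5900"><state state="open"/><service name="vnc"/></port>
      <port protocol="tcp" portid="9050"><state state="open"/><service name="tor-socks"/></port>
      <port protocol="tcp" portid="9091"><state state="open"/><service name="xmltec-xmlmail"/></port>
    </ports>
    <os><osmatch name="Microsoft Windows XP SP2" accuracy="97"/></os>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.0.2.11" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return a list of host dicts: address, mac, name, os_name and open ports."""
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # like db_nmap, only keep hosts that responded
        entry = {"address": None, "mac": None, "name": None, "os_name": None, "ports": []}
        for addr in host.findall("address"):
            if addr.get("addrtype") == "mac":
                entry["mac"] = addr.get("addr")
            else:
                entry["address"] = addr.get("addr")
        hn = host.find("hostnames/hostname")
        if hn is not None:
            entry["name"] = hn.get("name")
        osm = host.find("os/osmatch")  # only present when OS detection ran (-O / -A)
        if osm is not None:
            entry["os_name"] = osm.get("name")
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are not stored as services
            svc = port.find("service")
            entry["ports"].append((int(port.get("portid")), port.get("protocol"),
                                   svc.get("name") if svc is not None else None))
        hosts.append(entry)
    return hosts


def hosts_table(hosts):
    """Render a plain-text table resembling msfconsole's `hosts` output."""
    fmt = "%-15s %-17s %-8s %-24s"
    lines = [fmt % ("address", "mac", "name", "os_name"),
             fmt % ("-------", "---", "----", "-------")]
    for h in hosts:
        lines.append(fmt % (h["address"] or "", h["mac"] or "",
                            h["name"] or "", h["os_name"] or "Unknown"))
    return "\n".join(lines)


def open_services(hosts):
    """Flatten to (address, port, proto, service) rows like the `services` command."""
    return [(h["address"], port, proto, name)
            for h in hosts for port, proto, name in h["ports"]]


if __name__ == "__main__":
    parsed = parse_nmap_xml(SAMPLE_XML)
    print(hosts_table(parsed))
    for row in open_services(parsed):
        print("%s %d/%s %s" % row)
```

For a real scan, read the file written by `nmap -oX scan.xml …` and pass its contents to parse_nmap_xml; hosts that did not respond are skipped, and only open ports become service rows, which matches what db_nmap stores.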