Tutorial

The Metasploit Framework Tutorial PDF compendium: Your ready reckoner

The Metasploit Framework  is a free, open source penetration testing solution developed by the open source security community. Metasploit Framework eliminates the need for writing

 individual exploits, saving pen-testers considerable time and effort. Originally created by H D Moore in 2003, Metasploit was later bought over by Rapid7. Over time, it has matured into a popular tool of choice for infosec professionals and enthusiasts.

Requires Free Membership to View

SearchSecurity.in has put together a basket of tutorials that cover the Metasploit Framework’s various aspects. Our Metasploit Framework tutorials cover pen-testing using Metasploit — right from the basics to post-exploitation — and everything in between. These Metasploit Framework tutorials are available for free download in PDF format for offline reference. Please go through the links on this page for our Metasploit Framework tutorial PDFs.


The open source Metasploit Project is the foundation of the Metasploit Framework. To get a frame of reference, MsF is the software platform to develop, test and execute software exploits. It provides packaged tools for pen-testing, anti-forensics and advanced evasion. In this article, you can read more about the project and the framework before delving into our Metasploit Framework tutorial PDFs.

Use of the Metasploit Framework ranges from defending systems by performing pen-tests and vulnerability assessments, to researching new security vulnerabilities. This Metasploit Framework tutorial takes a look at the basic functionality of the framework and highlights different methods for information gathering and vulnerability scanning using MsF.

You can download this Metasploit tutorial in PDF format along with the rest of our Metasploit Framework tutorial PDFs for offline reference.

Meterpreter is a post-exploitation tool that is part of the Metasploit Framework, used to circumvent the disadvantages of using specific payloads. It is used to enable encrypted communication and evade detection by using the principle of ‘in memory DLL injection’. This Metasploit Framework tutorial looks at how you can use MsF’s meterpreter tool to create exploits that evade detection.

You can download this Metasploit tutorial in PDF format along with the rest of our Metasploit Framework tutorial PDFs for offline reference.

For large networks, a database to manage and maintain logs of every event that occurs during the testing phase is needed to coordinate and synchronize multiple tests in real time. This Metasploit Framework tutorial looks at database configuration within Metasploit, and the different phases in post-exploitation available to a pen tester/attacker.

You can download this Metasploit tutorial in PDF format along with the rest of our Metasploit Framework tutorial PDFs for offline reference.

The fourth installment of SearchSecurity.in’s Metasploit Framework tutorials looks at using the Armitage is a cyber attack management GUI for Metasploit, to exploit vulnerable systems. The Armitage cyber attack management GUI provides a GUI for the console-based frameworks within Metasploit. This GUI allows the user to access all the exploits discussed in our previous Metasploit Framework tutorials, from one interface.

You can download this Metasploit tutorial in PDF format along with the rest of our Metasploit Framework tutorial PDFs for offline reference.


You can follow our twitter feed at @SearchSecIN

This was first published in October 2011