Infrastructure testing with MSF

Penetration testing of the corporate network using Metasploit

INTRODUCTION

During a full penetration test of the corporate network, you will need many tools to accomplish different tasks to find and exploit vulnerabilities. You will usually find yourself in a situation where you have to manage many sessions simultaneously. Imagine a scenario where you compromised ten hosts, and you want to switch between them quickly. Additionally, few of these hosts are placed within the internal network, so you will need to pivot through one of the compromised systems (bastion). Although it is possible, it would be hard to accomplish those tasks in a single terminal window. Fortunately, there is a solution — The Metasploit Framework.

WHAT WILL YOU LEARN?

In this article, you will learn how to use Metasploit Framework as a Command and Control Center during the Penetration Testing assessment of the corporate network. Although this guide will focus on the Metasploit Framework you will find different tools and techniques, that can be used to improve the test quality.

0. PREPARE THE ENVIRONMENT

• To use the full potential of the Metasploit Framework and save the results of scanning & looting during the…