Back to course

MSF Architecture (Modules, Payloads, Encoders)

Cyber Security Mastery: From Zero to Hero

Understanding Metasploit Components

Metasploit organizes its functionality into distinct modules:

1. Modules

  • Exploits: Code that targets a specific vulnerability to gain initial access (e.g., exploit/windows/smb/ms17_010_eternalblue).
  • Payloads: The code that runs after the exploit succeeds. This is what the attacker wants the target machine to execute (e.g., open a reverse shell).
  • Auxiliary: Tools that perform supporting functions like scanning, enumeration, or denial of service (DoS). They do not exploit vulnerabilities.
  • Post: Modules used after exploitation to gather more information, escalate privileges, or maintain access.

2. Payloads

Payloads define what happens on the compromised system. Examples include windows/meterpreter/reverse_tcp (a highly advanced, in-memory reverse shell).

3. Encoders

Encoders change the binary representation of the payload to bypass signature-based antivirus solutions and remove bad characters that might interfere with the exploit.