Metasploit Flashcards
(32 cards)
What is Metasploit?
Metasploit is a penetration testing framework that allows security professionals to find and exploit vulnerabilities in systems.
True or False: Metasploit is only used for ethical hacking.
True
What programming language is Metasploit primarily built with?
Ruby
Fill in the blank: Metasploit includes a collection of __________ that can be used to exploit vulnerabilities.
modules
What is the purpose of the Metasploit console?
The Metasploit console is a command-line interface for interacting with the Metasploit Framework.
Name one type of module in Metasploit.
Exploit module
What does an exploit module do?
An exploit module is used to take advantage of a vulnerability in a system.
True or False: Metasploit can be used for both offensive and defensive security.
True
What is the purpose of payloads in Metasploit?
Payloads are used to execute commands on a target after exploiting a vulnerability.
Fill in the blank: A __________ is a piece of code that allows interaction with the target system after exploitation.
payload
What type of attack does the ‘meterpreter’ payload enable?
A command shell on the target system with advanced features.
What is the Metasploit Community Edition?
A free version of Metasploit that allows users to perform basic penetration testing.
What is the difference between Metasploit Pro and Metasploit Community?
Metasploit Pro offers advanced features such as automated exploitation and reporting.
Which command is used to search for exploits in the Metasploit Framework?
search
True or False: Metasploit can be integrated with other security tools.
True
What is an auxiliary module in Metasploit?
A module that performs tasks such as scanning, fuzzing, or denial-of-service attacks.
What command is used to load a specific module in Metasploit?
use
Fill in the blank: Metasploit’s __________ allows users to create custom modules for specific needs.
API
What is the purpose of the ‘exploit’ command in Metasploit?
To execute the selected exploit module against a target.
What is a ‘target’ in the context of Metasploit?
The system or application that is being tested for vulnerabilities.
In Metasploit, what does ‘db_nmap’ do?
It integrates Nmap scan results into the Metasploit database.
What is a ‘session’ in Metasploit?
An active connection to a compromised target system.
True or False: Metasploit can only exploit Windows systems.
False
What is the purpose of the ‘set’ command in Metasploit?
To configure options for a selected module.
