From 6788e7fb7ef9f21e466945d2e0f7f318055e593a Mon Sep 17 00:00:00 2001
From: whx <stefan@stefan.works>
Date: Sun, 26 Sep 2021 02:06:10 +0200
Subject: [PATCH] added msfconsole notes

---
 metasploit.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 metasploit.md

diff --git a/metasploit.md b/metasploit.md
new file mode 100644
index 0000000..5ee0844
--- /dev/null
+++ b/metasploit.md
@@ -0,0 +1,51 @@
+# Metasploit
+
+## Modules
+* __Auxiliary__ scanners, crawlers and fuzzers
+* __Encoders__ encode payloads
+* __Evasion__ prepare payloads to circumvent signature based malware detection 
+* __NOPs__ various architectures
+* __Payloads__ to run on target systems
+    * Singles, inline payloads, for example generic/shell_reverse_tcp
+    * Stagers, downloads the stages payloads
+    * Stages, for example windows/x64/shell/reverse_tcp
+* __Post__ postexploitation
+
+## Notes        
+* Search via scope 
+```sh
+search type:auxiliary <stuff>
+```
+* Send exploit to background
+```
+run -z
+```
+* `check` if target is vulnerable
+* `setg` sets variables globally
+* `unset payload`
+* Flush via `unset all`
+
+## Sessions
+* `background` or `ctrl+z`
+* Foreground via `sessions -i <number>`
+
+## Scanning
+* Portscan
+```sh
+search portscan
+```
+* UDP Sweep via `scanner/discovery/udp_sweep`
+* SMB Scan via `scanner/smb/smb_version` and `smb_enumshares`
+* SMB login dictionary attack `scanner/smb/smb_login`
+* NetBios via `scanner/netbios/nbname`
+* HTTP version `scanner/http/http_version`
+
+## Database
+* Start postgres
+* `msfdb init`
+* `db_status`
+* Separate `workspace -a <projectname>`
+* Safe scans via `db_nmap`
+* Show `hosts`
+* Show `services`
+* Set RHOST values via `hosts -R`