👾Exploitation Frameworks

Exploitation frameworks are tools used by cybersecurity professionals to test and exploit vulnerabilities found in computer systems and software. They provide a set of pre-built exploits and functionalities to gain unauthorized access, extract information, or control a system for testing purposes. These frameworks are essential for understanding and demonstrating the impact of vulnerabilities in a controlled environment.

  • The Metasploit Framework (MSF) is an open-source, robust penetration testing and exploitation framework that is used by penetration testers and security researchers worldwide.

  • It provides penetration testers with a robust infrastructure required to automate every stage of the penetration testing life cycle.

  • It is also used to develop and test exploits and has one of the world's largest databases of public, tested exploits.

  • The Metasploit Framework is designed to be modular, allowing for new functionality to be implemented with ease.

Essential Terminology

  • Interface – Methods of interacting with the Metasploit Framework.

  • Module – Pieces of code that perform a particular task; an exploit is one example of a module.

  • Vulnerability – Weakness or flaw in a computer system or network that can be exploited.

  • Exploit – Piece of code/module that is used to take advantage of a vulnerability within a system, service or application.

  • Payload – Piece of code delivered to the target system by an exploit with the objective of executing arbitrary commands or providing remote access to an attacker.

  • Listener – A utility that listens for an incoming connection from a target.

Metasploit Framework Console

  • The Metasploit Framework Console (MSFconsole) is an easy-to-use, all-in-one interface that provides you with access to all the functionality of the Metasploit Framework.

Penetration Testing With MSF

  • The MSF can be used to perform and automate various tasks that fall under the penetration testing life cycle.

  • In order to understand how we can leverage the MSF for penetration testing, we need to explore the various phases of a penetration test and their respective techniques and objectives.

  • We can adopt the PTES (Penetration Testing Execution Standard) as a roadmap to understanding the various phases that make up a penetration test and how Metasploit can be integrated into each phase.

💣PowerShell-Empire

  • PowerShell-Empire (aka Empire) is a pure PowerShell exploitation/post-exploitation framework built on cryptographically secure communications and a flexible architecture.

  • Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from keyloggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework.

  • PowerShell Empire recently received an update and is now officially supported and maintained by Kali Linux; more information regarding the update can be found here:

Starkiller

  • In addition to being updated and modernized, Empire gained a companion tool: BC Security, the company responsible for maintaining Empire, has also developed Starkiller.

  • Starkiller is a GUI front end for PowerShell Empire. It is an Electron application written in VueJS and provides users with an intuitive way of interacting with Empire.

  • PowerShell-Empire & Starkiller are both available as packages in the Kali Linux repositories.

PowerShell-Empire Installation

Installation Steps:

  1. Update the package list:

     sudo apt-get update

  2. Install PowerShell-Empire and Starkiller:

     sudo apt-get install powershell-empire starkiller -y

Post-Installation Steps:

  1. Start the PowerShell-Empire server:

     sudo powershell-empire server

  2. Access CLI mode (the Empire client):

     sudo powershell-empire client

  3. Access the Starkiller GUI:

    • Open the Kali menu and select "starkiller".

    • Use the following credentials to log in:

      • Username: empireadmin

      • Password: password123

    • These are the credentials the package ships with; change them after the first login so the server is not left reachable with a published default password.

Hacker's Mantra: Humiliation is the favorite currency of the hacker. - Sherlock Holmes
