Metasploit

The Metasploit Framework is a powerful suite of tools that security researchers use to investigate and resolve potential network and system vulnerabilities. Metasploit: The Penetration Tester's Guide shows readers how to assess networks by using Metasploit to launch simulated attacks that expose weaknesses in their security.The Metasploit Framework is an open source platform that supports vulnerability research, exploit development, and the creation of custom security tools.

Information gathering using metasploit

The foundation for any successful penetration test is solid reconnaissance. Failure to perform proper information gathering will have you flailing around at random, attacking machines that are not vulnerable and missing others that are.

• port scanning
• service identification
• password sniffing
• port sniffing

metasploit use for exploiting mobile devices.

Metasploit to exploit Android devices such as tablets and phones. As you will see, once we have exploited the Android device, we are capable of collecting the target's text messages, contact list, location and even turn on their webcam!
1. Find Android Exploits
2. Find Android Payloads
3. Build an APK file

tools in metasploit framework

• bundler.
• curl.
• gcc-mingw-w64-i686-win32.
• gcc-mingw-w64-x86-64-win32.
• git.
• john.
• libc6.
• libffi8.