Summary

Throughout this chapter, we introduced the phases involved in penetration testing. We saw how we could set up a virtual environment and install Metasploit. We recalled the basic Metasploit commands and looked at the benefits of using databases in Metasploit. We conducted a penetration test exercise against a target and compromised it. Using the compromised system, we launched an attack against the Domain Controller system and gained access to it.

Having completed this chapter, you now know about the phases of a penetration test; the benefits of using databases in Metasploit; the basics of Metasploit Framework; and using exploit, post-exploits, plugins, and auxiliary modules in Metasploit.

The primary goal of this chapter was to get you familiar with the phases of a penetration test and the basics of Metasploit. This chapter focused entirely on preparing ourselves for the following chapters.

In the next chapter, we will dive deep into the wild world of scripting and building Metasploit modules. We will learn how we can build cutting-edge modules with Metasploit and how some of the most popular scanning and authentication testing scripts work.