See it as a toolbox to build programs that attack other systems. Those programs are often called 'exploits', as they exploit a problem in another system.
During exploit development some tasks tend to be always the same. For example, creating a network connection to the target.
Metasploit enables you to write your exploit in such a way that you do not need to reinvent the wheel, and it makes certain parts interchangeable, like the 'payload' (code to be executed on the attacked system).
It's a network security tool used for exploiting security holes in Windows systems in order to inject a remote control payload. It does have white-hat utility, but my sense is that it's mostly used for grey and black-hat activities.
Unlike the usual "script kiddie" Linux rootkits, it is largely focused on exploration and control of a single machine, but the building blocks Metasploit provides could easily be used to construct botnets, especially in dense networks like college campuses or medium-sized businesses without a strong IT security focus.
Metasploit is a coder's tool. More often than not you will have to use the framework to write the exploit yourself. If you already know how to write the exploit and can write it, then all Metasploit does is simplify things -- there's nothing you couldn't do yourself, it would just take more time.
I use it to develop 0day exploits for various services. Great for testing.