mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 14:14:56 +03:00
mukul975
35 lines
1.5 KiB
Markdown
35 lines
1.5 KiB
Markdown
# Standards and References - Metasploit Framework
|
|
|
|
## Industry Standards
|
|
- **PTES (Penetration Testing Execution Standard)**: http://www.pentest-standard.org/
|
|
- **OWASP Testing Guide**: https://owasp.org/www-project-web-security-testing-guide/
|
|
- **NIST SP 800-115**: Technical Guide to Information Security Testing and Assessment
|
|
- **OSSTMM v3**: Open Source Security Testing Methodology Manual
|
|
|
|
## Metasploit Documentation
|
|
- Metasploit Framework Docs: https://docs.rapid7.com/metasploit/
|
|
- Metasploit Unleashed (OffSec): https://www.offsec.com/metasploit-unleashed/
|
|
- Metasploit GitHub: https://github.com/rapid7/metasploit-framework
|
|
- Module Development Guide: https://docs.metasploit.com/docs/development/developing-modules.html
|
|
|
|
## Key msfconsole Commands Reference
|
|
| Command | Purpose |
|
|
|---------|---------|
|
|
| `search` | Search modules by name, CVE, platform |
|
|
| `use` | Select a module |
|
|
| `show options` | Display module configuration |
|
|
| `set/setg` | Set module/global variables |
|
|
| `check` | Verify vulnerability without exploitation |
|
|
| `exploit/run` | Execute the module |
|
|
| `sessions` | List active sessions |
|
|
| `db_import` | Import scan results (Nessus, Nmap, etc.) |
|
|
| `vulns` | List known vulnerabilities from database |
|
|
| `workspace` | Manage engagement workspaces |
|
|
|
|
## Legal Considerations
|
|
- Always obtain written authorization before testing
|
|
- Define scope, rules of engagement, and emergency contacts
|
|
- Document all activities for legal protection
|
|
- Follow responsible disclosure for any new findings
|
|
- Comply with local computer misuse laws
|