# Architecture

<figure><img src="https://244896893-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTy5fNwfsaV6DbqjnheTF%2Fuploads%2FCzCctWQqGyhYEUiI6I06%2Fimage.png?alt=media&#x26;token=705b2761-8860-4e72-89b2-658f6912081e" alt=""><figcaption></figcaption></figure>

In **Metasploit**, a **module** is like a **pre-built tool** that helps security professionals test and exploit vulnerabilities without writing code from scratch. Metasploit provides **libraries** that handle the technical details, making it easy to run these modules.

## **Types of Modules**

1️⃣ **Exploit** – A code that takes advantage of a system’s weakness to gain access.\
2️⃣ **Payload** – The action performed after exploiting a system, like opening a backdoor.\
3️⃣ **Encoder** – A tool that hides or modifies a payload to avoid detection by security software.\
4️⃣ **NOP** (No Operation) – Used to create buffer space in memory during exploitation.\
5️⃣ **Auxiliary** – Tools for scanning, gathering information, and testing security without direct exploitation.

These modules help ethical hackers and security experts **identify, exploit, and secure** systems efficiently.

## **Types of Payloads**

A **payload** is the code delivered to a target system after an exploit is successful. There are two main types:

1️⃣ **Non-Staged Payload** – This is a simple payload that is sent to the target system all at once, along with the exploit.\
2️⃣ **Staged Payload** – This payload is sent in two parts:

* The **stager** (first part) creates a connection back to the attacker.
* Once the connection is established, the **stage** (second part) is downloaded and executed on the target system.

### **Understanding Stagers and Stages**

* **Stagers**: Help set up a reliable connection between the attacker and the target.
* **Stages**: The actual payload that is downloaded and executed after the stager establishes communication.

## **What is the Meterpreter Payload?**

**Meterpreter** is an advanced, interactive payload in Metasploit. It runs in memory, making it stealthy and hard to detect. Once executed, it allows attackers to **control the system remotely**, run commands, extract data, and perform post-exploitation tasks without leaving a trace on disk.

## Penetration Testing w/ MSF

| Penetration Testing Phase             | Metasploit Framework Implementation    |
| ------------------------------------- | -------------------------------------- |
| Information Gathering and Enumeration | Auxiliary Modules                      |
| Vulnerability Scanning                | Auxiliary Modules                      |
| Exploitation                          | Exploit Modules & Payloads             |
| Post Exploitation                     | Meterpreter                            |
| Privilege Escalation                  | Post Exploitation Module & Meterpreter |
| Maintaining Persistent Access         | Post Exploitation Module               |