Dark Arts
  • index
  • BUY ME A BOOK
  • ๐Ÿช„Dark Magic
    • Pentesting
      • Industry Methodologies
    • Scopes of Testing
    • Reconnaissance
      • Passive
        • WHOIS
        • DNS
          • nslookup
          • dig
        • WAF
        • Subdomain
        • Google Dork
        • Misc. Techniques
        • Leaked Passwords
      • Active
        • Browser & Plugins
        • ping & traceroute
        • fping
        • telnet & netcat
        • DNS
          • Zone Transfer
          • DNS Amplification DDoS Attack Breakdown
        • Misc. Techniques
    • Vulnerability Assessment
    • Attack Types
  • ๐Ÿ•ท๏ธAragoogs Nest
    • Web Application Overview & Security
      • Security Testing
      • Common Threats & Risks
    • Web Application Architecture
      • Technologies
    • HTTP/S
      • Message
      • Request
      • Response
        • Status Code
    • Crawling/Spidering
  • ๐ŸงชPotions
    • Web Browsers
    • Computer Networking
      • Network Protocol
      • Packets
      • OSI Layer
        • Layer 3: Network
        • Layer 4: Transport
      • DNS
        • Primary-Secondary
        • Local Name Resolution
        • Domain Hierarchy
        • FQDN
        • Lookups
        • DNS Resolution
        • DNS Records
        • Security: Attack-Defense (Default)
  • ๐ŸŽ†Spells
    • ๐Ÿ“œLinux Scroll
    • ๐Ÿ“œWebShell Scroll
    • git
      • Attacks + Vulnerabilities
  • ๐Ÿ–ผ๏ธFlaws w/ Magical Frameworks
    • Windows
      • In a Nutshell
      • CVE-2019-0708: BlueKeep
      • CVE-2017-0144: EternalBlue: MS17-010
      • Attacking Services
        • MS IIS - WebDAV
        • SMB
        • HTTP File Server (HFS)
        • Apache Tomcat Web Server
        • RDP
        • WinRM
      • File System Vulnerabilities
      • Credential Dumping
        • Password Search in Windows Configuration Files
        • Mimikatz
        • Pass-the-Hash Attack
    • Linux
      • In a Nutshell
      • CVE-2014-6271: Shellshock
      • Attacking Services
        • FTP
        • SSH
        • SAMBA
        • SMTP
        • RSYNC
      • Dumping Hashes
  • ๐ŸŒผMarauder's Boost
    • Privilege Escalation
    • Windows PrivEsc
      • Windows Kernel Exploit
      • Bypassing UAC
      • Access Token Impersonation
    • Linux PrivEsc
      • Linux Kernel Exploit
      • Misconfigured Cron Jobs
      • Exploiting SUID Binaries
      • shells
      • File Permissions
  • โ˜ ๏ธDeath Eaters
    • Post Exploitation
      • Windows
      • Linux
  • ๐Ÿช„OLLIVANDERS
    • nmap
      • Host Discovery
      • Port Scan
      • Service & OS
      • NSE
      • Firewall/IDS Evasion
      • Scan Optimization
      • Misc. Methods
    • ffuf
    • Hydra
    • Metasploit Framework
      • Architecture
      • Must to Know
      • msfvenom
      • Auxiliary Modules
      • Service Enumeration
      • Vulnerability Scanning
      • Imports
      • Automating
    • Vulnerability Scanners
    • Wireshark
  • ๐Ÿš‚Platform 9(3/4)
    • Auth-Auth
      • Authentication
        • Password-based Authentication
        • Basic Authentication
        • Multi-factor Authentication
        • Access Token
        • Token-based Authentication
          • JWT
          • OAuth 2.0
    • Secure Headers
      • Content-Security-Policy (CSP)
    • Cryptography
      • Caesar Cipher
  • โ›ฒPort Pensieve
    • Enumeration
      • SMB & NetBIOS
      • SNMP
    • Wordlists
  • ๐Ÿ”†DUELS
    • Pivoting
    • SMB Relay Attack
  • ๐Ÿ—บ๏ธMarauder's Map
    • Web Application Pentesting
    • API Pentesting
      • GraphQL
        • Primer
    • Mobile Application Pentesting
  • ๐ŸŽงSIDE CHANNEL
    • Side Channel Analysis
    • Timing Side-Channel Attacks
      • Vulnerable Login
  • ๐ŸฅƒSky
    • Cloud Basics
    • Cloud Management
      • Shared Responsibility Model
    • Using Cloud Resources
      • Monitoring & Alerts
      • Identity & Access Management
      • Scalability & Availability
      • Solution Design
    • Cloud Providers
    • Cloud Security & Regulatory Compliance
      • Resource Protection
      • ICCA: Cloud Security & Regulatory Compliance
    • ICCA Preparation
      • Knowledge Tests
      • Lab
  • ๐Ÿ”ทObsidian
    • Pentest Engagement
      • Scoping
    • Pentest Ethics
      • Rules of Engagement
    • Auditing Fundamentals
      • Process/Lifecycle
      • Pentest & Security Auditing
      • GRC
      • Standards, Frameworks & Guidelines
      • From Audit to Pentest
  • ๐Ÿ“กTHREAT INTEL
    • Threat Intelligence
    • Tool Dump
  • ๐Ÿ“ฑAnything-Mobile-IoT
    • Firmware
    • Firmware Analysis
      • Example: CVE-2016-1555
    • Firmware Installation/Flashing
  • ๐ŸŽ‰Mischeif
    • Social Engineering
    • Phishing
      • GoPhish
    • Pretexting
Powered by GitBook
On this page
  1. OLLIVANDERS
  2. Metasploit Framework

Automating

Metasploit resource scripts are a helpful feature that lets you automate repetitive tasks and commands. They work like batch scripts, where you list a series of msfconsole commands to run one after the other. You can load these scripts in msfconsole, and it will automatically execute the commands in the script.

These scripts can be used to automate tasks such as setting up multi handlers or loading and running payloads. This makes the process quicker and easier.

ls -al /usr/share/metasploit-framework/scripts/resource

# handler.rc
use multi/handler
set PAYLOAD windows/meterpreter/revers_tcp
set LHOST [IP]
set LPORT [PORT]
run

msfconsole -r handler.rc
or
resource [PATH TO RESOURCE SCRIPT]

makerc [SAVING PATH TO RESOURCE SCRIPT]
PreviousImportsNextVulnerability Scanners

Last updated 11 days ago

๐Ÿช„