Lucene search
K
MetasploitMost viewed

6847 matches found

Metasploit
Metasploit
added 2026/04/02 7:2 p.m.153 views

HTTPS Fetch, Windows shellcode stage, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/custom/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.153 views

HTTP Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/http/x86/peinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.153 views

HTTP Fetch, Windows x86 Reverse Named Pipe (SMB) Stager

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/http/x86/meterpreter/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set ACTION msf...

5.9AI score
Exploits0
Metasploit
Metasploit
added 2022/09/08 7:49 p.m.153 views

Powershell Exec, Windows shellcode stage, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Execute an x64 payload from a command via PowerShell. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/x64/custom/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2022/07/16 5:42 p.m.153 views

SAMR Computer Management

Add, lookup and delete computer / machine accounts via MS-SAMR. By default standard active directory users can add up to 10 new computers to the domain. Administrative privileges however are required to delete the created accounts. Module Options msf use auxiliary/admin/dcerpc/samrcomputer msf...

7AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.153 views

Powershell Exec, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/shell/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.153 views

Powershell Exec, Windows x64 Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Execute an x64 payload from a command via PowerShell. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/x64/shell/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.153 views

Powershell Exec, Reverse TCP Stager

Execute an x86 payload from a command via PowerShell. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/patchupdllinject/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.153 views

Powershell Exec, Generic x86 Debug Trap

Execute an x86 payload from a command via PowerShell. Generate a debug trap in the target process Module Options msf use payload/cmd/windows/powershell/generic/debugtrap msf payloaddebugtrap show actions ...actions... msf payloaddebugtrap set ACTION msf payloaddebugtrap show options ...show and s...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2010/07/08 11:34 p.m.153 views

Apache Tomcat User Enumeration

This module enumerates Apache Tomcat's usernames via malformed requests to jsecuritycheck, which can be found in the web administration package. It should work against Tomcat servers 4.1.0 - 4.1.39, 5.5.0 - 5.5.27, and 6.0.0 - 6.0.18. Newer versions no longer have the "admin" package by default...

4.3CVSS0.5AI score0.9444EPSS
Exploits4
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTPS Fetch, Windows shellcode stage, Bind IPv6 TCP Stager (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/custom/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6t...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTPS Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/meterpreter/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTP Fetch, Reverse TCP Stager (DNS)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/peinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show and s...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTPS Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/meterpreter/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTPS Fetch, Bind IPv6 TCP Stager (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/patchupmeterpreter/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp show...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTP Fetch, Windows Command Shell, Reverse UDP Stager with UUID Support

Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/http/x86/shell/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTP Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/http/x86/patchupdllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.152 views

HTTP Fetch, Windows Upload/Execute, Reverse TCP Stager

Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/upexec/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetc...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/03/27 7:0 p.m.152 views

Generic HTTP Command Execution

This module interacts with existing command execution functionality on a target system, where user-supplied input is directly passed to system execution functions via a HTTP request. This could be from an existing vulnerability, or uploaded webshells such as: It is likely that HTTP evasion option...

5.6AI score
Exploits0
Metasploit
Metasploit
added 2024/02/14 7:51 p.m.152 views

SMB Fetch, Windows x64 Reverse HTTP Stager (wininet)

Fetch and execute an x64 payload from an SMB server. Tunnel communication over HTTP Windows x64 wininet Module Options msf use payload/cmd/windows/smb/x64/meterpreter/reversehttps msf payloadreversehttps show actions ...actions... msf payloadreversehttps set ACTION msf payloadreversehttps show...

5.9AI score
Exploits0
Metasploit
Metasploit
added 2023/06/02 7:50 p.m.152 views

HTTPS Fetch

Fetch and execute an x64 payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2022/09/08 7:49 p.m.152 views

Powershell Exec, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x64)

Execute an x64 payload from a command via PowerShell. Custom shellcode stage. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/powershell/x64/custom/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.152 views

Powershell Exec, Windows x64 Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Execute an x64 payload from a command via PowerShell. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/x64/shell/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.152 views

Powershell Exec

Execute an x64 payload from a command via PowerShell Module Options msf use payload/cmd/windows/powershell/x64/powershellreversetcp msf payloadpowershellreversetcp show actions ...actions... msf payloadpowershellreversetcp set ACTION msf payloadpowershellreversetcp show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.152 views

Powershell Exec, Bind TCP Stager with UUID Support (Windows x86)

Execute an x86 payload from a command via PowerShell. Listen for a connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/powershell/vncinject/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf payloadbindtcpuuid show...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.152 views

Powershell Exec, Windows Upload/Execute, Bind IPv6 TCP Stager (Windows x86)

Execute an x86 payload from a command via PowerShell. Uploads an executable and runs it staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/powershell/upexec/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION ms...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2022/05/11 5:43 p.m.152 views

Powershell Exec, Windows MessageBox

Execute an x86 payload from a command via PowerShell. Spawns a dialog via MessageBox using a customizable title, text & icon Module Options msf use payload/cmd/windows/powershell/messagebox msf payloadmessagebox show actions ...actions... msf payloadmessagebox set ACTION msf payloadmessagebox sho...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2022/01/05 5:42 p.m.152 views

Wordpress Plugin Catch Themes Demo Import RCE

The Wordpress Plugin Catch Themes Demo Import versions use exploit/multi/http/wpcatchthemesdemoimport msf exploitwpcatchthemesdemoimport show targets ...targets... msf exploitwpcatchthemesdemoimport set TARGET msf exploitwpcatchthemesdemoimport show options ...show and set options... msf...

7.2CVSS7.1AI score0.55729EPSS
Exploits6
Metasploit
Metasploit
added 2021/10/28 5:51 p.m.152 views

Microsoft OMI Management Interface Authentication Bypass

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. Module Options msf use...

9.8CVSS8.1AI score0.99723EPSS
Exploits19
Metasploit
Metasploit
added 2021/06/13 5:55 p.m.152 views

Emby Version Scanner

This module attempts to identify the version of an Emby Media Server running on a host. If you wish to see all the information available, set VERBOSE to true. Use in conjunction with embyssrfscanner to locate devices vulnerable to CVE-2020-26948. Module Options msf use...

9.8CVSS8.9AI score0.87154EPSS
Exploits4
Metasploit
Metasploit
added 2020/12/19 5:41 p.m.152 views

WordPress Easy WP SMTP Password Reset

Wordpress plugin Easy WP SMTP versions use auxiliary/scanner/http/wpeasywpsmtp msf auxiliarywpeasywpsmtp show actions ...actions... msf auxiliarywpeasywpsmtp set ACTION msf auxiliarywpeasywpsmtp show options ...show and set options... msf auxiliarywpeasywpsmtp run This module requires Metasploit:...

7.5CVSS7.6AI score0.63407EPSS
Exploits3
Metasploit
Metasploit
added 2019/03/28 1:13 a.m.152 views

Ruby On Rails File Content Disclosure ('doubletap')

This module uses a path traversal vulnerability in Ruby on Rails versions = "Ruby On Rails File Content Disclosure 'doubletap'", 'Description' = %q This module uses a path traversal vulnerability in Ruby on Rails versions = 'Carter Brainerd ', Metasploit module 'John Hawthorn ' PoC/discovery ,...

7.5CVSS7.6AI score0.98507EPSS
Exploits18
Metasploit
Metasploit
added 2017/11/03 9:26 a.m.152 views

Oracle MySQL UDF Payload Execution

This module creates and enables a custom UDF user defined function on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL = 'Oracle MySQL UDF Payload Execution', 'Description' = %q This module creates and enables a custo...

7.6AI score
Exploits0
Metasploit
Metasploit
added 2017/03/20 10:36 p.m.152 views

Brute Force AM/OOK (ie: Garage Doors)

Post Module for HWBridge RFTranscievers. Brute forces AM OOK or raw binary signals. This is a port of the rfpwnon tool by Corey Harding. https://github.com/exploitagency/github-rfpwnon/blob/master/rfpwnon.py This module requires Metasploit: https://metasploit.com/download Current source:...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2014/10/16 9:37 p.m.152 views

MS14-060 Microsoft Windows OLE Package Manager Code Execution

This module exploits a vulnerability found in Windows Object Linking and Embedding OLE allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our...

7.8CVSS9.6AI score0.81628EPSS
Exploits22
Metasploit
Metasploit
added 2011/08/29 3:30 p.m.152 views

RealVNC NULL Authentication Mode Bypass

This module exploits an Authentication bypass Vulnerability in RealVNC Server version 4.1.0 and 4.1.1. It sets up a proxy listener on LPORT and proxies to the target server The AUTOVNC option requires that vncviewer be installed on the attacking machine. This module requires Metasploit:...

7.5CVSS7.3AI score0.91522EPSS
Exploits13
Metasploit
Metasploit
added 2026/06/17 7:3 p.m.151 views

NTLM Relay to Self (HTTP to LDAP) - Post Exploitation

This module performs an NTLM relay-to-self privilege escalation attack. It starts an HTTP-to-LDAP relay server on the compromised host, then triggers the WebClient service via an ETW event allowing a low-privilege user to start it, and coerces the local machine account to authenticate via...

5.4AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTPS Fetch

Fetch and execute an x86 payload from an HTTPS server. Module Options msf use payload/cmd/windows/https/x86/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec run This module requires Metasploit:...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTPS Fetch, Windows shellcode stage, Bind TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Listen for a connection No NX Module Options msf use payload/cmd/windows/https/x86/custom/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTPS Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/dllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTP Fetch, Reverse TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/http/x86/peinject/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf payloadreversenonxtcp show options...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTP Fetch, Reverse TCP Stager (DNS)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTPS Fetch, Reverse HTTP Stager Proxy

Fetch and execute an x86 payload from an HTTPS server. Tunnel communication over HTTP Module Options msf use payload/cmd/windows/https/x86/meterpreter/reversehttpproxypstore msf payloadreversehttpproxypstore show actions ...actions... msf payloadreversehttpproxypstore set ACTION msf...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTPS Fetch, Windows shellcode stage, Find Tag Ordinal Stager

Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Use an established connection Module Options msf use payload/cmd/windows/https/x86/custom/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTP Fetch, Find Tag Ordinal Stager

Fetch and execute an x86 payload from an HTTP server. Use an established connection Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and set options...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.151 views

HTTP Fetch, Windows Command Shell, Bind IPv6 TCP Stager (Windows x86)

Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/http/x86/shell/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf...

5.5AI score
Exploits0
Metasploit
Metasploit
added 2023/06/15 7:50 p.m.151 views

HTTPS Fetch

Fetch and execute an x86 payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/x86/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2023/06/02 7:50 p.m.151 views

HTTPS Fetch, Windows Meterpreter Shell, Reverse HTTPS Inline (x64)

Fetch and execute an x64 payload from an HTTPS server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/https/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf...

6AI score
Exploits0
Metasploit
Metasploit
added 2023/04/12 7:43 p.m.151 views

Python Exec, Command Shell, Reverse SCTP (via python)

Execute a Python payload from a command. Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.6-2.7 and 3.4+. Module Options msf use payload/cmd/windows/python/shellreversesctp msf payloadshellreversesctp show actions ...actions... msf...

7.1AI score
Exploits0
Total number of security vulnerabilities5000