Module 8 ยท Lesson 2 ยท 40 minutes

๐Ÿ’ฅ Metasploit โ€” A "Lockpick Store" with Instructions

A massive database of ready-to-use tools for known vulnerabilities. The concept โ€” explained simply. Practice โ€” strictly in a lab VM.

๐Ÿ“– Why You Need to Know This

In 2017, the WannaCry worm infected 200,000 computers across 150 countries in a single day. Hospitals in England, banks in Spain, and Renault factories were brought to a standstill. Inside the worm was the EternalBlue exploit โ€” a tool stolen from the US NSA.

After EternalBlue was leaked, it was added to Metasploit โ€” a framework with a database of ready-made "lockpicks." Since then, anyone can launch this attack in just 5 commands. It is a "weapon of mass exploitation" accessible to everyone.

This lesson is about the core concept. You will work only in a lab VM. Running this on someone else's computer = Criminal Code Article 273 (creation of malware), up to 5 years in prison.

๐Ÿงฐ What is Metasploit?

๐ŸŽฏ Explained in 30 Seconds

Metasploit = A "lockpick store" with detailed instructions for each tool.

In the previous module, we learned that every program has known vulnerabilities (CVEs). Someone has written a ready-to-use "exploitation tool" for each vulnerability โ€” this is an exploit.

Metasploit is a massive catalog of 2,400+ ready-made exploits + instructions on how to use them.