How to Use Metasploit in Kali Linux

How to Use Metasploit in Kali Linux


3 min read

Metasploit is one of the most popular penetration testing tools used by ethical hackers and security professionals to test the security of computer systems. Kali Linux is a Debian-based Linux distribution specifically designed for digital forensics and penetration testing, which comes with over 600 preinstalled tools used for hacking and security testing - including Metasploit.

Using the Metasploit framework in Kali Linux provides a powerful environment to perform various penetration testing techniques and simulate cyber attacks. Here is a simple step-by-step guide on how to use Metasploit in Kali Linux:


  • The Kali Linux operating system was installed and updated

  • Basic understanding of the Linux command line

  • Understanding of basic networking concepts

Steps to Use Metasploit

1. Open Kali Linux Terminal

Open the Kali Linux terminal using the Ctrl+Alt+T keyboard shortcut or by clicking on the terminal icon in the menu. This will open a command line interface window to execute Linux commands.

2. Start Metasploit Framework

Type the following command in the terminal to start the Metasploit console:


This will start the Metasploit console which shows the msf > prompt indicating you are inside the framework.

3. Check Modules in Metasploit

To see all the available modules in Metasploit, use the following command:

show modules

This displays a list of exploit modules, payloads, auxiliary modules etc. that can be used in penetration tests.

4. Select a Module

Choose any attack module you want to use. For example, to use the SMB exploit module:

use exploit/windows/smb/ms08_067_netapi

Replace the module name with the one you want to use. This will select the specified module.

5. Configure the Exploit

Set the required options for the selected exploit using the "set" command:

set RHOST 
set PAYLOAD windows/meterpreter/reverse_tcp

RHOST refers to the target IP address and PAYLOAD is the attack to execute on exploitation.

6. Launch the Exploit

Type the following command to launch the exploit against the target:


If the exploit is successful, you will get a meterpreter shell session of the target.

7. Interact with the Session

Use commands like help, ls, pwd, cd etc. to navigate through the target's directories and interact with the system.

This covers the basic process of using modules in the Metasploit framework to compromise a target machine. With practice, you can master using Metasploit to perform complex penetration tests.


Metasploit is an extremely powerful tool for testing infrastructure security. Kali Linux provides a perfect environment to unleash the full potential of Metasploit. Following the simple steps above, you can easily select any module, customize options, launch exploits and practice hacking legally using this open-source penetration testing framework.