Metasploit is a suite of tools built into a framework which automates and tracks many of the tasks of a penetration test, plus it integrates nicely with other common Penetration Testing tools like Nessus and Nmap. Metasploit was acquired by Rapid-7 in 2009 and there are now commercial variants however the free framework does provide everything you need for a successful Penetration Test from a command-line interface. If you’re curious of the differences Rapid-7 has a page where you can compare the free version against the commercial version here. Metasploit includes port scanners, exploit code, post-exploitation modules – all sorts!#
The Metasploit database is great for tracking a Penetration Testing engagement, the biggest the engagement the more that the database can offer you. It tracks alive hosts, pwned boxes and stolen loot – plus it timestamps actions too just in case you need to track what happened when.
What are LLMNR and NetBIOS-NS? They’re both methods of resolving hostnames to IP addresses. On your network if you try to contact a system by name first of all DNS will be used, but if that fails LLMNR will be attempted followed by NetBIOS. LLMNR is the successor to NetBIOS and it supports IPv6 and multicast addresses.
Most Penetration Testers will know and love Metasploit’s PsExec module for running commands on remote Windows machines, if you’re not familiar with it – it allows you to take a compromised Local Administrator account and use it to execute commands on the remote machine (or to upload Meterpreter of course! These methods all require the ability to write to Admin$ on the remote machine, which basically means a Local Administrator account.