metasploit-framework
Audited by Socket on Feb 28, 2026
1 alert found:
Security

This document is an actionable how-to for installing and operating Metasploit and includes numerous high-risk, offensive operations: generating and delivering reverse shells, credential harvesting, persistence, privilege escalation, and automated brute-force scanning. The greatest technical supply-chain risk shown is the installer download-and-run pattern (curl -> chmod -> execute) using an unpinned remote script. The content is dual-use: legitimate for authorized penetration testing but easily abused if executed without strict legal authorization, human oversight, and operational controls.

Recommend: restrict use of this skill to authenticated, audited environments; disallow automated or autonomous execution of commands that perform network exploitation or credential harvesting; prefer pinned, verified installer sources and verify checksums/signatures before executing installers.