metasploit architecture and libraries

Metasploit Architecture and Libraries | Lesson 2

Metasploit Architecture

The Metasploit architecture was mainly written in Ruby and there are many modules and Libraries inside the Metasploit.

Each different Modules and Library has unique features and in the below section let’s deeply talk about Architecture, Modules and Libraries.

If you haven’t read Lesson 1 on what is Metasploit [Clcik here] to read

Here is the Github Repository of Metasploit Framework from the rapid 7

Metasploit Architecture

Source: OSCP


Metasploit File system

The Metasploit file system is where the Metasploit framework files exist.

The Metasploit Framework file in Kali Linux and also in Debian machine is stored under this directory /usr/share/metasploit-framework.

Once we navigate to the file system, You can understand the architecture of the files and the modules existing and also you can see the existing directory.

Metasploit File system Directory

Now, Let’s take a quick look at the important directory in Metasploit Framework.


The data directory mostly contains of editable files like wordlist, shell code, sounds, logos,meterpreter.

root@kali:~# ls /usr/share/metasploit-framework/data/
cpuinfo              ipwn           meterpreter  snmp            webcam            isight.bundle  mime.yml     sounds          wmap
eicar.txt            john.conf      msfcrawler   SqlClrPayload   wordlists
emailer_config.yaml  lab            passivex     templates
exploits             logos          php          vncdll.x64.dll
flash_detector       markdown_doc   post         vncdll.x86.dll


In the documentation, there is where the official documentation about the Metasploit framework

root@kali:~# ls /usr/share/metasploit-framework/documentation/
changelog.Debian.gz  developers_guide.pdf.gz   copyright           modules


The Lib directory is the heart of Metasploit where we can find all the Libraries.

root@kali:~# ls /usr/share/metasploit-framework/lib/
anemone        msfenv.rb        rbmysql.rb  sqlmap
anemone.rb     net              rex         tasks
enumerable.rb  postgres         rex.rb      telephony
metasm         postgres_msf.rb  robots.rb   telephony.rb
metasploit     rabal            snmp        windows_console_color_support.rb
msf            rbmysql          snmp.rb


In Metasploit, there are 7 Modules Auxilary, encoders, evasion/windows, exploits, nops, payloads, post.

In the upcoming Lesson, Let’s dive deeper into modules.

root@kali:~# ls /usr/share/metasploit-framework/modules/
auxiliary  encoders  exploits  nops  payloads  post


The Metasploit file system has plugins, Many don’t know even this directory exists. We can also add custom plugins let’s see about that in later Lessons.

root@kali:~# ls /usr/share/metasploit-framework/plugins/
aggregator.rb      ips_filter.rb  openvas.rb           sounds.rb
alias.rb           komand.rb      pcap_log.rb          sqlmap.rb
auto_add_route.rb  lab.rb         request.rb           thread.rb
beholder.rb        libnotify.rb   rssfeed.rb           token_adduser.rb
db_credcollect.rb  msfd.rb        sample.rb            token_hunter.rb
db_tracker.rb      msgrpc.rb      session_notifier.rb  wiki.rb
event_tester.rb    nessus.rb      session_tagger.rb    wmap.rb
ffautoregen.rb     nexpose.rb     socket_logger.rb


In the script directory, we can find the meterpreter, shell, ps, resource. Usually, we use the meterpreter and the shell after successful exploitation.

root@kali:~# ls /usr/share/metasploit-framework/scripts/
meterpreter  ps  resource  shell


In the tools directory, we can find the utilities such as the password list.

root@kali:~# ls /usr/share/metasploit-framework/tools/
context  dev  exploit  hardware  memdump  modules  password  recon

Metasploit Libraries

There are many Metasploit Libraries, Each library, has different functions and help in running Metasploit.


  • The basic library for most tasks
  • Handles sockets, protocols, text transformations, and others
  • SSL, SMB, HTTP, XOR, Base64, Unicode


  • Provides the ‘basic’ API
  • Defines the Metasploit Framework


  • Provides the ‘friendly’ API
  • Provides simplified APIs for use in the Framework

There is much more Library we have seen only the most important, In upcoming classes, we will dive deeper into Libraries too.

In the next chapter, Let’s learn about the Metasploit Modules.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top