{"id":13843847,"url":"https://github.com/milo2012/metasploitHelper","last_synced_at":"2025-07-11T20:30:47.465Z","repository":{"id":25663046,"uuid":"29098699","full_name":"milo2012/metasploitHelper","owner":"milo2012","description":"metasploitHelper","archived":false,"fork":false,"pushed_at":"2020-04-03T01:09:06.000Z","size":5433,"stargazers_count":242,"open_issues_count":4,"forks_count":73,"subscribers_count":37,"default_branch":"master","last_synced_at":"2024-11-21T15:39:36.234Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/milo2012.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-01-11T16:58:48.000Z","updated_at":"2024-09-10T08:25:03.000Z","dependencies_parsed_at":"2022-07-10T13:00:16.216Z","dependency_job_id":null,"html_url":"https://github.com/milo2012/metasploitHelper","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/milo2012/metasploitHelper","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/milo2012%2FmetasploitHelper","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/milo2012%2FmetasploitHelper/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/milo2012%2FmetasploitHelper/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/milo2012%2FmetasploitHelper/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/milo2012","download_url":"https://codeload.github.com/milo2012/metasploitHelper/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/milo2012%2FmetasploitHelper/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264892027,"owners_count":23679208,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T17:02:29.266Z","updated_at":"2025-07-11T20:30:47.061Z","avatar_url":"https://github.com/milo2012.png","language":"Python","funding_links":[],"categories":["Python (1887)","Python"],"sub_categories":[],"readme":"metasploitHelper (msfHelper)\n================  \n**Slides for Black Hat Asia 2017 :**\nhttps://goo.gl/pSUgnc\n\n## Introduction\nmetasploitHelper is meant to assist penetration testers in network penetration tests.\n\nmetasploitHelper (`msfHelper`) communicates with Metasploit via *msrpc*. It uses both port and web related exploits from Metasploit.\n\nYou can point msfHelper at an IP address/Nmap XML file/File containing list of Ip addresses.\n\nFirst, it performs a Nmap scan of the target host(s) and then attempt to find compatible and possible Metasploit modules based on 1) *nmap service banner* and 2) *service name* and run them against the targets.  \n\nPlease see the slides above for more information regarding the tool as well as the video demo.\n\nIt is also possible to use the `-m` option in `msfHelper` along with msfconsole (load msgrpc Pass=xxx) if you would like to interact with the targets that msfHelper had compromised.\n\nmsfHelper by default only test ports which were found in metasploit modules.  If you would like to scan all ports, please use the `-a` option.\n  \n## Demo  \n- The demo shows running msfHelper (exploit modules) against Metasploitable 2   \n```\nsudo python msfHelper.py -a 172.16.126.132 -t exploit\n```\n\u003ca href=\"https://asciinema.org/a/9ZQ6OVWDpv0XMbpOWvvBhEB2A?autoplay=1\" target=\"_blank\"\u003e\u003cimg src=\"https://preview.ibb.co/no2GTo/Screen_Shot_2018_07_29_at_10_02_53_PM.png\"/\u003e\u003c/a\u003e  \n  \n## Docker\n\n- Building from Dockerfile\n\n```\ndocker build -t metasploithelper .\ndocker run --rm -it milo2012/metasploithelper\npython msfHelper.py -a testphp.vulnweb.com\n```\n\n- Pull latest Docker image\n\n```\ndocker pull milo2012/metasploithelper\ndocker run --rm -it milo2012/metasploithelper\npython msfHelper.py -a testphp.vulnweb.com\n```\n\n- To see help menu\n\n```  \ndocker pull milo2012/metasploithelper\ndocker run --rm -it milo2012/metasploithelper\npython msfHelper.py -h\n```\n## Requirements\n\nOn *Kali Linux 2016.2 VM*\n\n```bash\n$ apt-get install git-core -y\n$ git clone https://github.com/SpiderLabs/msfrpc\n$ cd msfrpc \u0026\u0026 cd python-msfrpc \u0026\u0026 python setup.py install\n$ pip install tabulate termcolor python-libnmap msgpack-python beautifulsoup4 termcolor requests\n$ git clone https://github.com/milo2012/metasploitHelper\n$ python msfHelper.py x.x.x.x -i\n```  \n\n## Usage\n\n```\nroot@kali:/code# python msfHelper18.py -h\nusage: PROG [-h] [-P MYPASSWORD] [-p PORTSINPUT] [-o OUTPUTDIRECTORY] [-i]\n            [-m] [-a] [-n THREADS] [-u] [-q] [-gt GREATERTHAN] [--info] [-v]\n            [-s] [-t CATEGORY] [-e {services,web,all,ports}]\n            [target [target ...]]\n\n                __ _   _      _\n _ __ ___  ___ / _| | | | ___| |_ __   ___ _ __\n| '_ ` _ \\/ __| |_| |_| |/ _ \\ | '_ \\ / _ \\ '__|\n| | | | | \\__ \\  _|  _  |  __/ | |_) |  __/ |\n|_| |_| |_|___/_| |_| |_|\\___|_| .__/ \\___|_|\n                               |_|\n\n+-- https://github.com/milo2012/metasploitHelper\n\npositional arguments:\n  target                The target IP(s), range(s), CIDR(s), hostname(s),\n                        FQDN(s) or file(s) containg a list of targets\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -P MYPASSWORD         Password to connect to msfrpc\n  -p PORTSINPUT         Only scan specific TCP ports\n  -o OUTPUTDIRECTORY    Location to save portList.csv, pathList.csv, nmap scan\n                        results\n  -i                    Intelligent mode (Match the Nmap service banner with\n                        the Metasploit modules\n  -m, --manual          Manually start up Msfconsole and 'load msgrpc\n                        Pass=xxxx'\n  -a, --scanall         Scan all 65535 TCP ports\n  -n THREADS            Set how many concurrent threads to use (default: 5)\n  -u, --update          Update Metasploit and metasploitHelper DB\n  -q, --quick           Performs a quick scan - Do not use modules where\n                        TARGETURI is set to /\n  -gt GREATERTHAN       Only scan TCP ports greater than x number\n  --info                Lookup information about ports online\n  -v, --verbose         Verbose mode\n  -s, --showonly        Show matching Metasploit modules but don't run\n  -t CATEGORY           Choose between 'exploit' or 'auxiliary'\n\nWhether to run Metasploit 'services', 'ports', 'web' modules or 'exploitdb':\n  Options for executing commands\n\n  -e {services,web,all,ports}, --exec-method {services,web,all,ports}\n```  \n\n## Sample Usage Examples\n\n**Use the intelligent mode and scan/test the target IP :**\n```\npython msfHelper.py 192.168.1.6 -i\n```\n\n**Specify the ports to be tested :**\n```\npython msfHelper.py 192.168.1.6 -i -p 21,5432\n```\n\n**Run metasploit modules that matches the port number/services/uri paths:**\n```\npython msfHelper.py 192.168.1.6 -i -e ports\npython msfHelper.py 192.168.1.6 -i -e services\npython msfHelper.py 192.168.1.6 -i -e web\n```\n\n**Scan and test all ports on target host :**\n```\npython msfHelper.py 192.168.1.6 -i -a\n```\n\n**Enable verbose mode (see output from Metasploit :**\n```\npython msfHelper.py 192.168.1.6 -i -v\n```\n\n**Run msfHelper and interact with the shells :**\n```\n#on the first terminal window\n$ msfconsole\n$ load msgrpc Pass=xxxxx\n\n#on the second terminal window\npython msfHelper.py 192.168.1.6 -i -m -P xxxxx\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmilo2012%2FmetasploitHelper","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmilo2012%2FmetasploitHelper","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmilo2012%2FmetasploitHelper/lists"}