Metasploit tutorial

i m a student of an eminent technical institue and i m interested in penetration testing project metasploit(
I have prilimenary knowledge but i want to make most out of it. I need a DETAILED tutorial i.e. what are payloads exactly mean,how to select the best one for a given exploit, on which port of remote machine we can run a given exploit  and other stuff. I searched on google and on but they give only brief overview assuming some backgruond knowledge.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.


Hi, have you looked at 3 part tutorial at securityfocus?
IMO they are pretty good.
namo21Author Commented:
i have read them. they explain general procedure not how one can decide best payload for the exploit and what does this payload mean and how it plays its role in the process, these issues are not addressed well. they just say to choose a particular without expaining why.
Why Diversity in Tech Matters

Kesha Williams, certified professional and software developer, explores the imbalance of diversity in the world of technology -- especially when it comes to hiring women. She showcases ways she's making a difference through the Colors of STEM program.

Seems like your question is related more to art/science/whatever of vulnerabilities research and their exploitation than it is to Metasploit project. And yes indeed, Metasploit is just a tool trying to make working with exploits easier; so most, if not all, tutorials about Metasploit are just
user manuals that won't give you much if you don't have fundamental knowledge what the exploits are.

This subject invites a much more extensive treatment than
an internet-few-outdated-pages-tutorial-like format can provide.
e.g. Syngress have few books on the subject:
"Sockets, Shellcode, Porting, and Coding : Reverse Engineering Exploits and Tool Coding for Security Professionals" (Paperback)
by James C. Foster, Stuart McClure

"Shellcoder's Programming Uncovered" ,"Buffer Overflow Attacks : Detect, Exploit, Prevent" ... etc ..

(eventhough some of them may be more of fiction book than
anything practical, but..)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tim HolmanCommented:
Metasploit won't give you this sort of information.  Something like Canvas would though (although is $ware).
> ..  need a DETAILED tutorial i.e. what are payloads exactly mean,how to select the best one for a given exploit
.. and we need DETAILED description which payload of which exploit for which target you mean, and how you access this target and how it is protected, and how much noice you want to be "seen", and .. and .. and ..
Hope this explains tim_holman's last comment.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.