What are the three most important tables in the Metasploit database?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

What are the three most important tables in the Metasploit database?

Explanation:
The question tests understanding of how Metasploit’s database organizes a target and its findings. The three most important tables are hosts, services, and vulns. hosts represents each discovered asset with identifiers like IP, host name, OS info, and timing. services attaches to a host and records the open ports and the service details (port, protocol, banner, version). vulns captures vulnerabilities found on those services and links back to the specific host and service. This chain—host, then its services, then the vulnerabilities found on those services—lets you see an asset, what it exposes, and what weaknesses exist, which is essential for prioritization, pivoting, and reporting. Other data like creds, notes, or loot are useful, but they’re supplementary to this core model. Modules or collections of exploits (exploits, payloads, auxiliaries) are part of the tooling, not the primary data structure you rely on to map and triage targets.

The question tests understanding of how Metasploit’s database organizes a target and its findings. The three most important tables are hosts, services, and vulns. hosts represents each discovered asset with identifiers like IP, host name, OS info, and timing. services attaches to a host and records the open ports and the service details (port, protocol, banner, version). vulns captures vulnerabilities found on those services and links back to the specific host and service. This chain—host, then its services, then the vulnerabilities found on those services—lets you see an asset, what it exposes, and what weaknesses exist, which is essential for prioritization, pivoting, and reporting.

Other data like creds, notes, or loot are useful, but they’re supplementary to this core model. Modules or collections of exploits (exploits, payloads, auxiliaries) are part of the tooling, not the primary data structure you rely on to map and triage targets.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy