Installing Metasploit Community Edition on Windows

For a successful installation on Windows, follow these steps:

1. First of all, please make sure that you have disabled the anti-virus (AV) and firewall on your system. AV generally detects and flags some files as malicious in Metasploit CE:

2. Also, please make sure that you put the Metasploit installation folder in your AV and firewall exceptions list if you're running Windows. This way, your generated payloads will be excluded from the AV:

3. Since Metasploit CE can also be accessed via a web interface (over SSL), please make sure you provide the correct Server Name (hostname) for the SSL certificate generation process:

4. Once the installation is complete, you can check all the files in the C:\metasploit directory:

5. Before you can start using the web interface, you need to initialize the user account. If you try accessing the web server using the hostname instead of localhost, you'll get a warning message. To continue, just follow the instructions given:

6. To initialize the user account, you need to execute the createuser Batch script available in the C:\metasploit directory:

7. There is just one last step left now. Once the user has been created, you will be redirected to the activation page. To activate the CE instance, you need to get the product key, which can be retrieved from the registered email ID you used at the time of registration (this is why registration is important – so you can receive the activation code via email):

8. Use the product key from your email and activate Metasploit CE:

On successful activation, you'll be redirected to the Project Listing page:

Before you can start using the Metasploit web interface, you need to develop an understanding of the interface itself.