Metasploit architecture

The main components of the Metasploit architecture are its libraries, which consist of Rex, framework-core, and framework-base. The other components of the architecture are interfaces, custom plugins, protocol tools, modules, and security tools. The modules included are exploits, payloads, encoders, NOPs, and auxiliary.

In this diagram, we can see the main modules and Metasploit architecture:

The main modules of the Metasploit architecture are:

  • Rex: The basic library for most tasks that the framework will execute. It is responsible for handling things such as connections to websites (for example, when we search for sensitive files in a site), sockets (which are responsible for making a connection from our machine to an SSH server, for example), and a lot of similar utilities related to SSL and Base64.
  • MSF :: Core: Defines the functioning of the framework in general (how the modules, exploits, and payloads will work).
  • MSF :: Base: Works in a similar way to MSF :: Core; the main difference is that it is more friendly and simplified for the developer.
  • Plugins: Tools that extend the functionality of the framework; for example, they allow us to integrate with third-party tools such as sqlmap, OpenVAS, and Nexpose.
  • Tools: Several tools that are usually useful (for example, "list_interfaces" shows us the information of network interfaces, and "virustotal" checks whether any file is infected through the virustotal.com database).
  • Interfaces: All the interfaces through which we can use Metasploit: a console version, a web version, a GUI (graphical user interface) version, and a CLI version, a variant of the Metasploit console.
  • Modules: A folder that contains all the exploits, payloads, encoders, auxiliaries, nops, and post.
  • Exploits: A program that exploits one or several vulnerabilities in a particular software; it is often used to gain access to a system and have a level of control over it.
  • Payloads: A program (or "malicious" code) that accompanies an exploit to perform specific functions once the exploit has been successful. The choice of a good payload is a very important decision when it comes to taking advantage of and maintaining the level of access obtained in a system. In many systems, there are firewalls, antivirus (AV) products, and intrusion-detection systems that can hinder the activity of some payloads. For this reason, encoders are often used to try to evade any AV or firewall.
  • Encoders: Provide algorithms to encode and obfuscate the payloads that we will use after the exploit has been successful.
  • Aux: Allows interaction with tools such as vulnerability scanners and sniffers, in order to obtain the information about the objective that is needed to determine possible vulnerabilities that may affect it. This type of tool is useful for establishing an attack strategy on an objective system or, in the case of a security officer, for defining defensive measures that allow us to mitigate threats on a vulnerable system.
  • Nops: A NOP is an assembly-language instruction that does not do anything apart from advancing the program counter.

In addition to the work modules described here, Metasploit Framework has four different user interfaces: msfconsole (Metasploit Framework console), msfcli (Metasploit Framework client), msfgui (Metasploit Framework graphic interface), and msfweb (server and web interface Metasploit Framework).

The next section focuses on the Metasploit Framework console interface, although the use of any of the other interfaces can provide the same results.
