The last time I checked, the framework came with over 450 exploits and 104 payloads to assist its users in security research. The number of payloads and exploits vary thanks to regular updates from the security community. The exploits included are based on well-known and documented vulnerabilities, so targeting a fully updated system would frustrate the user and framework … that is, unless the user knows how to write his own modules.^[2]

The 450 exploits that come bundled with MSF 3.1 are located in msf3.tar\msf3\modules\exploits\.

The directory structure of the modules is very well organized; for example, to find an FTP exploit on a Windows machine, you'd look in the folder windows, and then ftp.

The target program we will be exploiting ...