Meterpreter is an attack payload used in the Metasploit attack framework used widely by security professionals, including threat hunters. Metasploit is an attack toolset used to aid in penetration testing and IDS signature development. Based on its features, Metasploit can be leveraged by attackers as well.

Meterpreter has been defined by Offensive Security as:

…an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. It communicates over the stager socket and provides a comprehensive client-side Ruby API. It features command history, tab completion, channels, and more.

Metepreter was originally written by skape for Metasploit 2.x, common extensions were merged for 3.x and is currently undergoing an overhaul for Metasploit 3.3. The server portion is implemented in plain C and is now compiled with MSVC, making it somewhat portable. The client can be written in any language but Metasploit has a full-featured Ruby client API.


The Meterpreter payload is used to grant the attacker a shell on the compromised system allowing the attacker to explore and execute code.


The Meterpreter payload features a huge number of free post-exploitation modules. These modules are documented at the Offensive Security website.

Join our newsletter

Follow Us

Discover More!