4 min readJul 10, 2017


How to Run An External Pentest

(with Recon-ng, Nmap & Metasploit)


Pentesting is the practice of checking a computer system, network or web application to find vulnerabilities that a hacker could exploit.

I’ll walk you through how to do an External Pentest of your own. You will need to use an ubuntu server and install these tools:

Dave Kennedy’s PTF — https://github.com/trustedsec/ptf

Alex’s Metasploit shell script — http://AlexLevinson.com/metastatic ploit.txt

Recon-ng — for OSINT research

Nmap — for port scanning

Metasploit — for exploitation and scanning

Tmux — Collaboration/learning

VPS Provider — for scanning

Utilize Dave Kennedy’s Penetration Testing Framework by opening up a terminal and

Typing: “ git clone https://github.com/trustedsec/ptf.git ”

“ git clone https://github.com/trustedsec/ptf.git “

Next navigate to the config/ptf.config file which should have installed in the /pentest directory.


“ ./ptf ”

“use modules/install_update_all”


The above command will automatically install everything you need for the PTF Framework to work. The framework itself pulls down pre-compiled sources that allow us to have legitimate pentesting tools without having to deal with individually installing dependencies. Most of the tools are setup to work from the jump other than Metasploit. If you are having any trouble installing this framework check out the repo @ https://github.com/trustedsec/ptf .

After the successful install of David Kennedy’s Penetration Testing Framework you should then move forward to downloading Alex Levinson’s bash script for his version of the Metasploit Framework. David Kennedy’s PTF has a Metasploit Framework built into it already, however here we will use Alex’s bash script version of Metasploit. Alex’s version of MetaSploit automatically pre configures the Postgres Database and also installs all the tools we want within Metasploit automatically. This version of MetaSploit not only saves time but also…