Staged vs Non-Staged Payloads
Staged vs Non-Staged Payloads in Penetration Testing
When using Metasploit, choosing between staged and non-staged payloads is important depending on your target and environment.
Non-Staged Payloads
Sends the entire payload at once.
Larger in size, which may be blocked or crash the service.
More reliable in some cases due to simplicity.
Example:
windows/meterpreter_reverse_tcp
Staged Payloads
Payload is sent in multiple steps: a small stager loads a larger stage.
Smaller initial size – good for sneaking past filters.
Can be unstable if communication fails during staging.
Example:
windows/meterpreter/reverse_tcp
Pro tip: Use non-staged payloads for simple, direct attacks. Use staged payloads for stealthier approaches when bypassing defenses.
Last updated