Infect someone's computer with Metasploit and Nessus is possible? How?

[pikus]

I read one comment here and I would like to know something more, I copy and paste the comment here:

Code:

Hey, srry for delay  
 Metasploit is basically a tool that contains exploits against different software. U can ask: so im able to hack someone pc’s using Metasploit? the aswer is.. Yes, but.. .. there is always a ..but
 How do u know if the victim is vulnerable? How do u know what kind of software is using.. can be a problem to find out.. unless.. u will use great tool called Nessus. Nessus will tell u exacly what the victim has on.. better, will tell u also what kind of vulnerablilietes the system and installed software have. With those information u can prepare Metasploit for an attack. With abit of luck u will get reverse tcp shell without a problem.
Metasploit and Nessus are basically for free. The problem is that Metasploit is not very updated tool, u will not find there new exploits because the idea is: first inform developer about a security whole, wait for an update, then release exploit to public . With Nessus is simmilar situation, if u are using free version u will get updates not so often like the “payment” version.
Nobody will give u “ready,working” exploit just for free 
Of course u can go to milw0rm.com and try one of the posted there but trust me, u will not know what to do with them  
 ook I will not go deeper, if u are interested, go to metasploit and nessus website to learn more. 
 cheers

Please tell me:

do Nessus and Metasploit be injected into the victim's computer? Or they create a "server" that needs to be sent to the computer, so like a virus?

Are they recognized as malicious by antivirus software?

What about infecting somebody's pc with JPG images? Is the jpg infected being recognized by antiviruses? Is a JPG with an exe embedded in it? How can we protect from this kind of attacks?

Do you know how to create such kind of jpg that can be infect my computer?

What is possible to do with this JPG?

I hope I didn't ask many questions, but I am really interested in this. For me and my business security is very important and an audit about security, Nessus and Metasploit can be very productive.

Thanks

[h3xx]

Hey

Took me a long time to find some time

Anyway.

1.Nessus is only a vulnerability scanner, means shows u only if the system (+ installed software) are up to date and brief description of the problem (if there is any).
2.Metasploit is a bunch of exploits that can be used against a victim. They should be detected by antivirus but it depends
U can use metasploit to create your own exploits (use shell code, pay loads.. stuff like this)

for more information check this:
1.First Part
2.Second Part

As u can see Nmap is also a great tool

cheers