Metasploit

Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. One free extra is Metasploitable, an intentionally insecure Linux virtual machine you can use for testing Metasploit and other exploitation tools without hitting live servers.

Metasploit was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($5,000 per year per user), and a full-featured Pro edition. Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less).

The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge's excellent Armitage. The Community, Express, and Pro editions have web-based GUIs. For downloads and more information, visit the Metasploit homepage.

Popularity
#2, 3
Latest release
  • 4.11
  • Dec. 18, 2014 (9 years, 10 months ago)
Links
Rating
★★★★½ (9)
★★★★★
89% ★★★★
0% ★★★
0% ★★
0%
11%
Outdated/incomplete?

Screenshots

Comments

★★★★★ Abeon

The "official Java-based GUI" link to security week is now 404. New URL is securityweek dot com /2010/07/14/metasploit-new-gui/

no rating Mr Metasploit

This is undoubtedly one of the most powerful and useful tools to get to grips with. This tool can really advanced your skill level and knowledge in many security fields.

★★★★★ mohamed zain elbashee

Is by far Metasploit is the most powerful! out there . I am hooping for more integration to the framework from the other third party open source tools.

But by far I love it

no rating JustAsking

Is the Pro edition still at $15,000? I was talking to someone who said the price is variable. Can anyone confirm what they paid?

★★★★★ Chris

Love this tool kit.. best ever toolkit to find.. just enjoy

★★★★★ Andrea Bodei

Metasploit is amazing, it is a good idea to develop private exploit and integrate it in this framework. In the future its features would probably be more user friendly than the expensive core impact

no rating eternalnewbie

Macuser you can use whith Kali linux, install in your Mac or use Virualbox.

no rating a000

How could it be sold for money yet still depend on free community contribution?

Couldn't figure out.

Ray Dios Haque

This was once a thin and useful product. It has been become a bloated, commercialized, and over-priced pile of cow dung. Thank you @stake for ruining *yet another* formerly useful product!

no rating MacUser

There is no longer a download for MAC? Did they stop supporting it or is it just hidden?

no rating Joomla Blog

I've heard a lot about Metasploit but didn't use. It sounds interesting and will want to use it.

★★★★★ brk

the most powerful! hope to develop more free module ! more free module!

★★★★★ ritesh singh

Metasploit Change the way of exploiting.i want to say something about metasploit "Metasploit Team Work So Hard for Upgrading this to make it More Effective and useful ."

★★★★★ Jason Hellenthal

Certainly a Top 5 Component.

★★★★★ Palgye9

This is it, the one tools that I place more faith in than some of the commercial products out there.

Comments disabled

Feed for updates.

Home