What is Metasploit?
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
What does it do?
The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.
If you don’t already know about Metasploit I would guess you aren’t even in the security industry.
It’s come a long way since it’s early versions and has picked up huge supports from the community.
- Metasploit now has 445 exploit modules and 216 auxiliary modules (from 320 and 99 respectively in v3.2)
- Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (375k lines of Ruby)
- Over 180 tickets were closed during the 3.3 development process
Full release notes for v3.3 are here.
You can download Metasploit v3.3 here:
Or read more here.
Recent in Exploits/Vulnerabilities:
- Cupid Media Hack Exposes 42 Million Passwords In Plain Text
- Linux Backdoor Fokirtor Injects Traffic Into SSH Protocol
- Another IE 0-Day Hole Found & Used By In-Memory Drive By Attacks
- Metasploit Framework 3.4.1 Released – 16 New Exploits, 22 Modules & 11 Meterpreter Scripts
- Metasploit 2.7 Released – Automated Hacking
- Metasploit Exploit Framework Version 3.0 Released
Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 222,864 views
- AJAX: Is your application secure enough? - 118,521 views
- eEye Launches 0-Day Exploit Tracker - 84,955 views