Metasploit Framework v3.1 Released for Download

The New Acunetix V12 Engine


Ah Metasploit development cycle seems to be picking up, I guess with greater community support the bugs get ironed out and the new features introduced faster.

Good to see an update so soon after Metasploit Framework v3.0 was released.

I keep closely up to date with Metasploit as it’s pretty much the best free tool out there right now, and certainly the most exciting along with Nmap.

The latest version features a graphical user interface, full support for the Windows platform, and over 450 modules, including 265 remote exploits. Metasploit 3.1 consolidates a year of research and development, integrating ideas and code from some of the sharpest and most innovative folks in the security research community.

The graphical user interface is a major step forward for Metasploit users on the Windows platform. Development of this interface was driven by Fabrice Mourron and provides a wizard-based exploitation system, a graphical file and process browser for the Meterpreter payloads, and a multi-tab console interface. “The Metasploit GUI puts Windows users on the same footing as those running Unix by giving them access to a console interface to the framework” said H D Moore, who worked with Fabrice on the GUI project.

The latest incarnation of the framework includes a bristling arsenal of exploit modules that are sure to put a smile on the face of every information warrior. Notable exploits in the 3.1 release include a remote, unpatched kernel-land exploit for Novell Netware, written by toto, a series of 802.11 fuzzing modules that can spray the local airspace with malformed frames, taking out a wide swath of wireless-enabled devices, and a battery of exploits targeted at Borland’s InterBase product line. “I found so many holes that I just gave up releasing all of them”, said Ramon de Carvalho, founder of RISE Security, and Metasploit contributor.

Metasploit runs on all modern operating systems, including Linux, Windows, Mac OS X, and most flavors of BSD. Metasploit has been used on a wide range of hardware platforms, from massive Unix mainframes to the tiny Nokia n800 handheld. Users can access Metasploit using the tab-completing console interface, the Gtk GUI, the command line scripting interface, or the AJAX-enabled web interface. The Windows version of Metasploit includes all software dependencies and a selection of useful networking tools.

You can download Metasploit v3.1 here:

Metasploit v3.1 tar.gz
Metasploit v3.1 exe

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Linux Hacking, Windows Hacking

, , , , , , ,


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


14 Responses to Metasploit Framework v3.1 Released for Download

  1. goodpeople January 29, 2008 at 10:29 am #

    Metasploit rulez!

  2. dirty January 29, 2008 at 9:31 pm #

    Wasn’t the web interface kinda like a gui for the last version? Havn’t downloaded this yet but will tonight. Interested to see how the 2 compare. Seems like Metasploit is getting into ease of use, I hope it doesnt replace functionality.

  3. goodpeople January 29, 2008 at 10:12 pm #

    I like the gui. But the web interface and commandline are still available.

  4. Pantagruel January 30, 2008 at 10:53 pm #

    With goodpeople, the GUI looks pretty slick but I guess avid Metasploit users preffer either the webinterface or the CLI

  5. Dornez February 1, 2008 at 10:32 pm #

    Has the autopwn feature been folded into the official release for this version?

  6. eM3rC February 7, 2008 at 8:00 am #

    I vote for the GUI personally.

    Great program with even more punch!

  7. J. Lion February 11, 2008 at 10:46 pm #

    How does this compare to Core Impact (without considering the cost factor)? Is this better?

  8. eM3rC February 12, 2008 at 2:24 am #

    Metasploit is an excellent disto and seriously recommend you use it. Isn’t core impact like a $4000 program?

  9. J. Lion February 12, 2008 at 6:00 pm #

    @eM3rC

    Probably more – as from what I heard it was a less steep learning curve vs metasploit

  10. eM3rC February 13, 2008 at 2:28 am #

    I would say metasploit because
    1) its not illegally obtained
    2) you can get help really easily
    3) will be a lot more information on it because it is a free and readily available distro.

  11. fever April 8, 2008 at 7:33 pm #

    got this and it is lots of well made tools.

  12. xuan_anhhh June 7, 2008 at 5:27 pm #

    why i can’t download metasploit v3.1

  13. Bogwitch June 9, 2008 at 8:13 am #

    Sheesh.

    The Metasploit servers have an intelligence filter. They ascertain the ability of the proposed downloader to execute their software in a safe manner and, based on some astonishingly clever heuristics, allow or disallow the download. You failed the test.

  14. Navin June 9, 2008 at 1:49 pm #

    HAhahahahahahahahahahahaha

    ROFLMAO man!!