Metasploit 3.3 Released! Exploitation Framework


What is Metasploit?

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

What does it do?

The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.

If you don’t already know about Metasploit I would guess you aren’t even in the security industry.

It’s come a long way since it’s early versions and has picked up huge supports from the community.

  • Metasploit now has 445 exploit modules and 216 auxiliary modules (from 320 and 99 respectively in v3.2)
  • Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (375k lines of Ruby)
  • Over 180 tickets were closed during the 3.3 development process

Full release notes for v3.3 are here.

You can download Metasploit v3.3 here:

Windows – framework-3.3.exe
Linux – framework-3.3.tar.bz2

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Linux Hacking, Windows Hacking

, , , , , , ,


Latest Posts:


HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.


One Response to Metasploit 3.3 Released! Exploitation Framework

  1. nubanx November 24, 2009 at 3:39 pm #

    I have to wonder about future releases due to their recent acquisition by Rapid7…

    But – Kudos to all devs involved, it has evolved into a necessary tool to have.