[ad]
What is Metasploit?
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
What does it do?
The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.
If you don’t already know about Metasploit I would guess you aren’t even in the security industry.
It’s come a long way since it’s early versions and has picked up huge supports from the community.
- Metasploit now has 445 exploit modules and 216 auxiliary modules (from 320 and 99 respectively in v3.2)
- Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (375k lines of Ruby)
- Over 180 tickets were closed during the 3.3 development process
Full release notes for v3.3 are here.
You can download Metasploit v3.3 here:
Windows – framework-3.3.exe
Linux – framework-3.3.tar.bz2
Or read more here.
nubanx says
I have to wonder about future releases due to their recent acquisition by Rapid7…
But – Kudos to all devs involved, it has evolved into a necessary tool to have.