Metasploit - Penetration Testing Resources

Metasploit provides useful information and tools for penetration testers, security researchers, and IDS signature developers. This project was created to provide information on exploit techniques and to create a functional knowledgebase for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. Metasploit is an open source project managed by Rapid7.

Announce 2010-01-18: RSA 2010 Party at Ruby Skye

   Please join Rapid7 and its partners at Ruby Skye on Wednesday, March 3rd, 2010 for the party of RSA 2010!

Announce 2009-12-23: Metasploit 3.3.3 Released!

   Version 3.3.3 of the Metasploit penetration testing framework has been released, featuring exploit safety rankings, a smaller EXE template, the addition of the InitialAutoRunScript option for Meterpreter, and the ability to run a script or command on all open sessions (sessions -c/-s). The complete release notes are online and version 3.3.3 can obtained from the downloads page.

Announce 2009-12-10: Metasploit 3.3.2 Released!

   Version 3.3.2 of the Metasploit penetration testing framework has been released, with improved NeXpose integration, multi-threaded Meterpreter, basic pivoting, updated Oracle modules, an XMLRPC backend, and 42 bug fixes. The complete release notes are online and version 3.3.2 can obtained from the downloads page. on the downloads page.

RSS The Metasploit Blog

Feb-05-2010 - Postgres Fingerprinting (todb)
Feb-05-2010 - Exploiting the Samba Symlink Traversal (hdm)
Jan-15-2010 - Reproducing the "Aurora" IE Exploit (hdm)
Jan-02-2010 - Safe, Reliable, Hash Dumping (hdm)
Dec-31-2009 - Exporting the Registry for Fun and Profit (hdm)
Dec-28-2009 - Exploiting Microsoft IIS with Metasploit (hdm)
Dec-28-2009 - Happy Holidays (Project Updates) (hdm)
Dec-23-2009 - Metasploit Framework 3.3.3 Exploit Rankings (hdm)

RSS Metasploit Framework Development

Feb-09-2010 - Revision 8423: Fix typo
Feb-09-2010 - Revision 8422: randomize filler
Feb-09-2010 - Revision 8421: it works! don't forget to "set AIX ...
Feb-09-2010 - Bug #817 (New): AIX bind/reverse payloads won't ex...
Feb-09-2010 - Revision 8420: oops, wrong syscall number for list...
Feb-08-2010 - Bug #809: Issue with the check command while using...
Feb-08-2010 - Revision 8419: Sample wordlists
Feb-08-2010 - Revision 8418: fixed aix payloads to REALLY do var...
Feb-08-2010 - Revision 8417: See #816. This came up while learni...
Feb-08-2010 - Feature #816 (New): Create user enumeration module...

Copyright © 2003-2010 Rapid7 LLC