Metasploit - Penetration Testing Resources

Metasploit provides useful information and tools for penetration testers, security researchers, and IDS signature developers. This project was created to provide information on exploit techniques and to create a functional knowledgebase for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. Metasploit is an open source project managed by Rapid7.

Announce 2010-07-15: Metasploit Express 3.4.1 Released

   Metasploit Express, an easy to use penetration testing product based on the Metasploit Framework, is now available for purchase and evaluations. Metasploit Express delivers a full graphical user interface, an advanced penetration testing workflow engine, automated exploitation capabilities, native integration with nmap and Rapid7 NeXpose, complete user action audit logs, and configurable reporting. The 3.4.1 release adds 16 new exploits, an overhauled module browser, island-hopping support, brute force support for FTP and HTTPS, enhanced import and export functionality, and improvements to the online update system, including support for HTTP proxies. The full release notes are online.

Announce 2010-07-12: Metasploit Framework 3.4.1 Released

   Version 3.4.1 of the Metasploit penetration testing framework has been released, adding 16 exploits, 22 auxiliary modules, and 11 meterpreter scripts. All 587 exploit modules have been updated to include the Disclosure Date field. Major features added since 3.4.0 include the RAILGUN meterpreter extension by Patrick HVE and the PHP Meterpreter payload by egypt. The Windows installer now ships with support for PostgreSQL database backends. The full release notes are online.

RSS The Metasploit Blog

Jul-28-2010 - W3AF: An Open Source Success Story (hdm)
Jul-12-2010 - Metasploit Framework 3.4.1 Released! (egypt)
Jun-14-2010 - Meterpreter for Pwned Home Pages (egypt)
May-27-2010 - It's Ruby all the way down! (jcran)
May-19-2010 - Introducing Metasploitable (jcran)
May-18-2010 - Metasploit Framework 3.4.0 Released! (egypt)
Apr-22-2010 - Approaching Metasploit 3.4.0 and Metasploit Express (hdm)
Apr-15-2010 - The Java Web Start Argument Injection Vulnerability (jduck)

RSS Metasploit Framework Development

Jul-30-2010 - Bug #2312 (New): jboss_maindeployer - undefined me...
Jul-29-2010 - Bug #2310: ms08_067_netapi and some others exploit...
Jul-29-2010 - Bug #2311 (New): ibm_tsm_cad_ping currently classi...
Jul-29-2010 - Bug #2310 (New): ms08_067_netapi and some others e...
Jul-29-2010 - Revision 9942: initial lab plugin commit
Jul-29-2010 - Revision 9941: updated lab controller
Jul-29-2010 - Bug #2309 (New): -cl vs -c in multiscript.rb
Jul-27-2010 - Revision 9940: Changing logic for the VRFY test.
Jul-27-2010 - Revision 9939: move the stdapi constants into the ...
Jul-27-2010 - Revision 9938: remove debug prints

Copyright © 2003-2010 Rapid7 LLC
Rapid7 Privacy Statement