Learn More about the Metasploit Project

Are you interested in learning more about how to defend against hackers, the concept of penetration testing, the Metasploit Framework, and the Metasploit Project? Take a walk with us.

What is the Metasploit Project?

The Metasploit® Framework is a free, open source penetration testing solution developed by the open source community and Rapid7. It is the de-facto standard for penetration testing with more than one million unique downloads per year and the world’s largest, public database of quality assured exploits.

LEARN MORE

Who Is It for?

If you’re running or responsible for any type of IT system that hackers or cyber criminals may want to break into, deface, or bring down for business or pleasure, Metasploit Framework is for you. The tool enables you to carry out penetration tests (often called “pentests”) on your own systems. This means you’re attacking your own systems in the same way a hacker would to identify security holes. Of course, you do this without actually harming the network.

LEARN MORE

How Do I Use It?

Using the Metasploit Framework can be a little bit daunting if you're a newbie, especially since using it requires knowledge of the penetration testing workflow and most interactions are through the command line. Luckily, the Web is full of how-tos, documents, videos, discussion forums and training providers for Metasploit Framework. We've taken the time to summarize the best ones in this section.

READ MORE

History

During the summer of 2003, HD Moore started the Metasploit Project as a public resource for exploit code research and development. Today, the Metasploit Framework, and its commercial counterparts, Metasploit Pro and Metasploit Express, have become the de facto standard for penetration testing and exploit code development.

LEARN MORE

Commercial Editions

For users who don’t have the time or resources to develop custom penetration testing tools or those who need automated, advanced multi-layer attacks, there is a commercial alternative to the Metasploit Framework. Introduced in 2010, Metasploit Express and Metasploit Pro offer commercial solutions for any organization’s penetration testing needs.

READ MORE

Open Source Commitment

The Metasploit Framework will always be free and an open source. The Metasploit Project and Rapid7 are fully committed to supporting and growing the Metasploit Framework as well as providing advanced solutions for users who need an alternative to developing their own penetration testing tools. It’s a promise.

READ MORE

Related Software

You may also be interested in other security software related to Rapid7, including the free vulnerability scanner NeXpose Community Edition and the free open source web application scanner w3af. NeXpose is integrated with all Metasploit Editions to help you quickly identify vulnerabilities to exploit. w3af enables you to scan Web applications, identify Web vulnerabilities, and exploit them.

READ MORE

Penetration Testing Basics

If you haven’t heard the terms penetration testing, security research, vulnerability, exploit, and payload yet, or you are not quite sure how they’re related, we suggest you check out this primer. It will help you get kick-started with the Metasploit Framework.

READ MORE