This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.

The world’s most used penetration testing framework

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Star
31,201

Get Metasploit

Open Source

Metasploit
Framework

Download

Latest

Commercial Support

Metasploit
Pro

Download

Latest

Get visibility into your network with Rapid7's InsightVM
30-Day Trial

Compare Features
View More Projects
View All Modules

Latest Metasploit Modules

Title Date Author
Land #18333, Lexmark Device Embedded Web Server RCE (CVE-2023-26068) Sep 19, 2023 cdelafuente-r7
Land #18283, Apache Airflow 1.10.10 - Example DAG Remote Code Execution CVE-2020-11978 + CVE-2020-13927 Merge branch 'land-18283' into upstream-master Sep 18, 2023 bwatters-r7
Land #18377, add support for HELO to smtp_relay auxiliary module in case EHLO is not supported Sep 18, 2023 adfoster-r7
Land #18359, Forge ticket fix Sep 18, 2023 dwelch-r7
Land #18321, Add Ivanti Avalanche MDM Buffer Overflow Exploit (CVE-2023-32560) Sep 18, 2023 cgranleese-r7
Land #18358, Add a Thrift RPC client This PR adds a Thrift RPC client and updates two modules to make use of the new addition. Sep 14, 2023 jheysel-r7
Contribute a Module
View All Pull Requests

Latest Pull Requests

Name Labels Author
Remove left behind debug logging from prometheus exporter rn-fix adfoster-r7
add support for HELO to smtp_relay auxiliary module in case EHLO is not supported rn-enhancement ErikWynter
Fix msfrpc hanging when updating saved command history rn-fix adfoster-r7
Fix opt address local crash when ipaddr is nil rn-fix adfoster-r7
Fix msfrpc edgecase when cleaning up console instance adfoster-r7
Fix msfrpc hanging forever if rsock pair doesnt connect rn-fix adfoster-r7
Create a Pull Request

Recent Blog Posts

Fri Sep 15 2023

Metasploit Weekly Wrap-Up

Flask Cookies This week includes two modules related to Flask cookie signatures. One is specific to Apache Superset where session cookies can be resigned, allowing an attacker to elevate their privileges and dump the database...

Fri Sep 08 2023

Metasploit Weekly Wrap-Up

New module content (4) Roundcube TimeZone Authenticated File Disclosure Authors: joel, stonepresto, and thomascube Type: Auxiliary Pull request: #18286 contributed by cudalac Path: auxiliary/gather/roundcube_auth_file_read At...

Fri Sep 01 2023

Metasploit Weekly Wrap-Up

Pumpkin Spice Modules Here in the northern hemisphere, fall is on the way: leaves changing, the air growing crisp and cool, and some hackers changing the flavor of their caffeine. This release features a new exploit module t...

View More Metasploit Blog Posts

Metasploit in Action

Featured Video


View More Metasploit Videos
View All Contributors

Top Contributors

Last 12 Months

All Time

Contribute to Metasploit
View All

Related Products & Projects

InsightVM

Rapid7’s solution for advanced vulnerability management analytics and reporting.

Free Trial

InsightIDR

Rapid7’s incident detection and response solution unifying SIEM, EDR, and UBA capabilities.

Free Trial

Metasploitable

Virtual machines full of intentional security vulnerabilities. Exploit at will!

Download Now