This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.

The world’s most used penetration testing framework

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Get Metasploit

Open Source




Commercial Support


Free Trial


Get visibility into your network with Rapid7's InsightVM
30-Day Trial

Recent Blog Posts

Fri Jun 24 2022

Metasploit Weekly Wrap-Up

Add Windows target support for the Confluence OGNL injection module Improves the exploit/multi/http/atlassian_confluence_namespace_ognl_injection module to support Windows server targets. This new target can be used to run pa...

Fri Jun 17 2022

Metasploit Weekly Wrap-Up

vCenter Secret Extracter Expanding on the work of the vcenter_forge_saml_token auxiliary module, community contributor npm-cesium137-io has added a new module for extracting the vmdir/vmafd certificates, the IdP keypair, the ...

Fri Jun 10 2022

Metasploit Weekly Wrap-Up

A Confluence of High-Profile Modules This release features modules covering the Confluence remote code execution bug CVE-2022-26134 and the hotly-debated CVE-2022-30190, a file format vulnerability in the Windows Operating Sy...

View More Metasploit Blog Posts

View All

Related Products & Projects


Rapid7’s solution for advanced vulnerability management analytics and reporting.

Free Trial


Rapid7’s incident detection and response solution unifying SIEM, EDR, and UBA capabilities.

Free Trial


Virtual machines full of intentional security vulnerabilities. Exploit at will!

Download Now