Metasploit | Penetration Testing Software, Pen Testing Security

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Latest Metasploit Modules

Title	Date	Author
Land #18365, TOTOLINK X5000R Wireless GigaBit Router Unauthenticed RCE [CVE-2023-30013]	Sep 21, 2023	cdelafuente-r7
Land #18374, fix related modules references	Sep 20, 2023	cgranleese-r7
Land #18333, Lexmark Device Embedded Web Server RCE (CVE-2023-26068)	Sep 19, 2023	cdelafuente-r7
Land #18283, Apache Airflow 1.10.10 - Example DAG Remote Code Execution CVE-2020-11978 + CVE-2020-13927 Merge branch 'land-18283' into upstream-master	Sep 18, 2023	bwatters-r7
Land #18377, add support for HELO to smtp_relay auxiliary module in case EHLO is not supported	Sep 18, 2023	adfoster-r7
Land #18359, Forge ticket fix	Sep 18, 2023	dwelch-r7

Title

Date

Author

Land #18365, TOTOLINK X5000R Wireless GigaBit Router Unauthenticed RCE [CVE-2023-30013]

Sep 21, 2023

cdelafuente-r7

Land #18374, fix related modules references

Sep 20, 2023

cgranleese-r7

Land #18333, Lexmark Device Embedded Web Server RCE (CVE-2023-26068)

Sep 19, 2023

cdelafuente-r7

Land #18283, Apache Airflow 1.10.10 - Example DAG Remote Code Execution CVE-2020-11978 + CVE-2020-13927 Merge branch 'land-18283' into upstream-master

Sep 18, 2023

bwatters-r7

Land #18377, add support for HELO to smtp_relay auxiliary module in case EHLO is not supported

Sep 18, 2023

adfoster-r7

Land #18359, Forge ticket fix

Sep 18, 2023

dwelch-r7

Contribute a Module

Latest Pull Requests

Name	Labels	Author
Add a new lmkdir command to be able to create directory on local machine from meterpreter		e-lliot
Add a new lmkdir command to be able to create directory on local machine from meterpreter	needs-unique-branch	e-lliot
Fix broken test suite when running in small console window	rn-no-release-notes	adfoster-r7
Remove left behind debug logging from prometheus exporter	rn-fix	adfoster-r7
add support for HELO to smtp_relay auxiliary module in case EHLO is not supported	rn-enhancement	ErikWynter
fix related modules references	enhancement , rn-enhancement	h00die

Name

Labels

Author

Add a new lmkdir command to be able to create directory on local machine from meterpreter

e-lliot

Add a new lmkdir command to be able to create directory on local machine from meterpreter

needs-unique-branch

e-lliot

Fix broken test suite when running in small console window

rn-no-release-notes

adfoster-r7

Remove left behind debug logging from prometheus exporter

rn-fix

adfoster-r7

add support for HELO to smtp_relay auxiliary module in case EHLO is not supported

rn-enhancement

ErikWynter

fix related modules references

enhancement , rn-enhancement

h00die

Create a Pull Request

Recent Blog Posts

Fri Sep 22 2023

Metasploit Weekly Wrap-Up

Improved Ticket Forging Metasploit’s admin/kerberos/forge_ticket module has been updated to work with Server 2022. In Windows Server 2022, Microsoft started requiring additional new PAC elements to be present - the PAC reques...

Fri Sep 15 2023

Metasploit Weekly Wrap-Up

Flask Cookies This week includes two modules related to Flask cookie signatures. One is specific to Apache Superset where session cookies can be resigned, allowing an attacker to elevate their privileges and dump the database...

Fri Sep 08 2023

Metasploit Weekly Wrap-Up

New module content (4) Roundcube TimeZone Authenticated File Disclosure Authors: joel, stonepresto, and thomascube Type: Auxiliary Pull request: #18286 contributed by cudalac Path: auxiliary/gather/roundcube_auth_file_read At...

View More Metasploit Blog Posts