This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.

The world’s most used penetration testing framework

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Get Metasploit

Open Source




Commercial Support




Get visibility into your network with Rapid7's InsightVM
30-Day Trial

Recent Blog Posts

Fri Sep 15 2023

Metasploit Weekly Wrap-Up

Flask Cookies This week includes two modules related to Flask cookie signatures. One is specific to Apache Superset where session cookies can be resigned, allowing an attacker to elevate their privileges and dump the database...

Fri Sep 08 2023

Metasploit Weekly Wrap-Up

New module content (4) Roundcube TimeZone Authenticated File Disclosure Authors: joel, stonepresto, and thomascube Type: Auxiliary Pull request: #18286 contributed by cudalac Path: auxiliary/gather/roundcube_auth_file_read At...

Fri Sep 01 2023

Metasploit Weekly Wrap-Up

Pumpkin Spice Modules Here in the northern hemisphere, fall is on the way: leaves changing, the air growing crisp and cool, and some hackers changing the flavor of their caffeine. This release features a new exploit module t...

View More Metasploit Blog Posts

View All

Related Products & Projects


Rapid7’s solution for advanced vulnerability management analytics and reporting.

Free Trial


Rapid7’s incident detection and response solution unifying SIEM, EDR, and UBA capabilities.

Free Trial


Virtual machines full of intentional security vulnerabilities. Exploit at will!

Download Now