This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.

The world’s most used penetration testing framework

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Star
19,642

Get Metasploit

Open Source

Metasploit
Framework

Download

Latest

Commercial Support

Metasploit
Pro

Free Trial

Latest

Get visibility into your network with Rapid7's InsightVM
30-Day Trial

Compare Features
View More Projects
View All Modules

Latest Metasploit Modules

Title Date Author
Land #12931, fix the OSX password_prompt_spoof prompt module on Mojave and Catalina Feb 17, 2020 timwr
Land #12892, set default username for mysql and mssql aux login modules Set default username `sa` for auxiliary/scanner/mssql/mssql_login Set default username `root` for auxiliary/scanner/mysql/mysql_login Enable `BLANK_PASSWORDS` option by default for both modules, as the default users make use of a blank password in by default. Feb 16, 2020 bcoles
Land #12448, fix cmd/unix/reverse_perl_ssl and cmd/unix/reverse_php_ssl payloads Feb 16, 2020 timwr
Land #12830, Ensure post/windows/gather/enum_patches gathers all patches Feb 15, 2020 bcoles
Land #12902, Add exploit module for crosschex buffer overflow Feb 13, 2020 dwelch-r7
Land #12902, Add exploit module for crosschex buffer overflow Feb 13, 2020 dwelch-r7
Contribute a Module
View All Pull Requests

Latest Pull Requests

Name Labels Author
Fix bug in owa_login if AUTH_TIME is set to false bug , module ticofoo
Fix post/osx/gather/password_prompt_spoof bug , module phra
Fix getsockname usage in the SOCKS5 server bug , library zeroSteiner
Merge pull request #1 from rapid7/master woodydrn
chmod +x tools/dev/msftidy_docs.rb bug , docs wvu-r7
Add windows ssh persistence docs , module dwelch-r7
Create a Pull Request

Recent Blog Posts

Fri Feb 14 2020

Metasploit Wrap-Up

Ricoh Privilege Escalation No ink? No problem. Here’s some SYSTEM access. A new module by our own space-r7 has been added to Metasploit Framework this week that adds a privilege escalation exploit for various Ricoh printer dr...

Fri Feb 07 2020

Metasploit Wrap-up

In the week after our CTF, we hope the players had a good time and got back to their loved ones, jobs, lives, studies, and most importantly, back to their beds (and you can find out who the winners were here!). For the Metas...

Tue Feb 04 2020

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

How many internet-accessible RDP services have the DOPU implant installed? How much DOPU-over-RDP traffic do we see being sprayed across the internet?...

View More Metasploit Blog Posts

Metasploit in Action

Featured Video


View More Metasploit Videos
View All Contributors

Top Contributors

Last 12 Months

All Time

Contribute to Metasploit
View All

Related Products & Projects

InsightVM

Rapid7’s solution for advanced vulnerability management analytics and reporting.

Free Trial

InsightIDR

Rapid7’s incident detection and response solution unifying SIEM, EDR, and UBA capabilities.

Free Trial

Metasploitable

Virtual machines full of intentional security vulnerabilities. Exploit at will!

Download Now