This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.

The world’s most used penetration testing framework

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Star
19,764

Get Metasploit

Open Source

Metasploit
Framework

Download

Latest

Commercial Support

Metasploit
Pro

Free Trial

Latest

Get visibility into your network with Rapid7's InsightVM
30-Day Trial

Compare Features
View More Projects
View All Modules

Latest Metasploit Modules

Title Date Author
Land #12865, add features to the rdi post module Feb 26, 2020 smcintyre-r7
Land #12995, Add support for smbv2 to pipe auditor Feb 26, 2020 dwelch-r7
Land #12992, Fix a typo Feb 26, 2020 dwelch-r7
Land #12465, add Android Binder UAF (CVE-2019-2215) Feb 23, 2020 busterb
Land #12970, revert reverse_powershell changes Feb 22, 2020 timwr
Land #12955, Update logic for ForceExploit in modules Feb 21, 2020 jmartin-r7
Contribute a Module
View All Pull Requests

Latest Pull Requests

Name Labels Author
Update cbk914
Use AutoCheck mixin in OpenSMTPD CVE-2020-7247 bug , docs , enhancement , module wvu-r7
Integrate pry-byebug enhancement adfoster-r7
Reorder Expect mixin's send_expect parameters bug , library , module , rn-no-release-notes wvu-r7
Fix OpenSMTPD CVE-2020-7247 module and doc bug , docs , module , rn-no-release-notes wvu-r7
add cmd/unix/reverse_ssh test stub easy , tests jmartin-r7
Create a Pull Request

Recent Blog Posts

Fri Feb 28 2020

Metasploit Wrap-Up

Android Binder UAF, OpenNetAdmin RCE, and a slew of improvements, including colorized HttpTrace output and a better debugging experience for developers....

Fri Feb 21 2020

Metasploit Wrap-Up

Long live copy and paste Adam Galway enhanced the set PAYLOAD command to strip the /payload/, payload/, and / prefixes from a payload name in an effort to improve the user experience while configuring an exploit's payload. Yo...

Fri Feb 14 2020

Metasploit Wrap-Up

Ricoh Privilege Escalation No ink? No problem. Here’s some SYSTEM access. A new module by our own space-r7 has been added to Metasploit Framework this week that adds a privilege escalation exploit for various Ricoh printer dr...

View More Metasploit Blog Posts

Metasploit in Action

Featured Video


View More Metasploit Videos
View All Contributors

Top Contributors

Last 12 Months

All Time

Contribute to Metasploit
View All

Related Products & Projects

InsightVM

Rapid7’s solution for advanced vulnerability management analytics and reporting.

Free Trial

InsightIDR

Rapid7’s incident detection and response solution unifying SIEM, EDR, and UBA capabilities.

Free Trial

Metasploitable

Virtual machines full of intentional security vulnerabilities. Exploit at will!

Download Now