This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.

The world’s most used penetration testing framework

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Star
34,936

Get Metasploit

Open Source

Metasploit
Framework

Download

Latest

Commercial Support

Metasploit
Pro

Download

Latest

Get visibility into your network with Rapid7's InsightVM
30-Day Trial

Compare Features
View More Projects
View All Modules

Latest Metasploit Modules

Title Date Author
Land #19879, Add MsDtypSecurityDescriptor to_sddl_text Land #19879, Add MsDtypSecurityDescriptor to_sddl_text Feb 27, 2025 dledda-r7
Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin Land #19897, Invoice Ninja unauthenticated RCE (CVE-2024-55555) and Laravel Crypto Killer mixin Feb 25, 2025 dledda-r7
Land #19894, SimpleHelp Path Traversal CVE-2024-57727 Land #19894, SimpleHelp Path Traversal CVE-2024-57727 Feb 25, 2025 dledda-r7
Land #19878, MyScada MyPro Manager Credential Harverster Module mySCADA MyPRO Manager Credential Harvester (CVE-2025-24865 & CVE-2025-22896) Module Feb 25, 2025 msutovsky-r7
Land #19881, NetAlertX File Read (CVE-2024-48766) Land #19881, NetAlertX File Read (CVE-2024-48766) Feb 25, 2025 dledda-r7
Land #19850, Add fetch payloads for aarch64, armbe, armle, mipsbe, mipsle, ppc, ppc64, ppc64le Land #19850, Add fetch payloads for aarch64, armbe, armle, mipsbe, mipsle, ppc, ppc64, ppc64le Feb 20, 2025 dledda-r7
Contribute a Module
View All Pull Requests

Latest Pull Requests

Name Labels Author
Revert "Linux post libs comments and specs" msutovsky-r7
Add docs for ESC4,13 and 15 vulnerable template configuration docs , easy , rn-documentation jheysel-r7
Ldap vulnerable cert finder minor fix for ESC13 detection bug , rn-fix jheysel-r7
documentation: Fix 404 link in eicar.txt rn-documentation easymoney322
correct password in docs hashes table docs , rn-fix h00die
Fix byte to int conversion in MsAdts bug , rn-fix zeroSteiner
Create a Pull Request

Recent Blog Posts

Fri Feb 28 2025

Metasploit Weekly Wrap-Up: 02/28/2025

This week's Metasploit Weekly Wrap-Up saw 5 new modules. One module adds credential harvesting for MySCADA MyPro Manager using CVE-2025-24865 & CVE-2025-22896....

Fri Feb 21 2025

Metasploit Weekly Wrap-Up 02/21/2025

This Metasploit release includes an exploit module that chains two vulnerabilities; one exploited in the wild by APT groups, & a 0-day found by Rapid7....

Fri Feb 14 2025

Metasploit Weekly Wrap-Up 02/14/2025

This Metasploit weekly wrap-up saw two new module content; one being a new module for an authenticated remote code execution bug in NetAlertx....

View More Metasploit Blog Posts

Metasploit in Action

Featured Video


View More Metasploit Videos
View All Contributors

Top Contributors

Last 12 Months

All Time

Contribute to Metasploit
View All

Related Products & Projects

InsightVM

Rapid7’s solution for advanced vulnerability management analytics and reporting.

Free Trial

InsightIDR

Rapid7’s incident detection and response solution unifying SIEM, EDR, and UBA capabilities.

Free Trial

Metasploitable

Virtual machines full of intentional security vulnerabilities. Exploit at will!

Download Now