This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.

The world’s most used penetration testing framework

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Star
14,126

Get Metasploit

Open Source

Metasploit
Framework

Download

Latest

Commercial Support

Metasploit
Pro

Free Trial

Latest

Compare Features
View More Projects
View All Modules

Latest Metasploit Modules

Title Date Author
Land #10572 eaton ssh private key scanner Nov 15, 2018 h00die
Land #10925, smb_login error/status message Nov 14, 2018 Chiggins
Land #10828, git submodule url exec CVE-2018-17456 Nov 14, 2018 jrobles-r7
Land #10607, Add External Module: office365userenum.py Nov 13, 2018 busterb
Land #10938, add docs for modules and fix bug. Add docs for auxiliary module http_basic/imap/mysql, and fix a bug in modules/auxiliary/server/capture/mysql.rb Nov 13, 2018 Green-m
Land #10767, Add Cisco Prime Infrastructure remote root exploit Nov 10, 2018 bcoles
Contribute a Module
View All Pull Requests

Latest Pull Requests

Name Labels Author
Fix extraneous whitespace in check output bug , library , msfconsole wvu-r7
Small improvements to the freesshd_authbypass module Psi0NYX
Fix db_connect issue when re-establishing DB connection after msfconsole started without DB connection bug , database , msf5 mkienow-r7
Port msmailprobe to msf external modules , msf5 clee-r7
Prepend python path bug , external modules jrobles-r7
Ensure `sessions --up` shows only services which are up bug , database bcoles
Create a Pull Request

Recent Blog Posts

Fri Nov 16 2018

Metasploit Wrapup

The Malicious Git HTTP Server For CVE-2018-17456 module by timwr exploits a vulnerability in Git that can cause arbitrary code execution when a user clones a malicious repository using commands such as git clone --recurse-sub...

Fri Nov 09 2018

Metasploit Wrapup

Now in Framework: Exploit for jQuery File Upload plugin vuln, two new post modules to exfil images and texts from compromised iOS devices. Plus, this year's community CTF....

Mon Nov 05 2018

Announcing the 2018 Metasploit Community CTF

Two targets, three days, and a thousand teams: Put your skills to the test for a chance to win prizes and bragging rights in Metasploit’s 2018 community CTF....

View More Metasploit Blog Posts

Metasploit in Action

Featured Video


View More Metasploit Videos
View All Contributors

Top Contributors

Last 12 Months

All Time

Contribute to Metasploit
View All

Related Products & Projects

InsightVM

Rapid7’s solution for advanced vulnerability management analytics and reporting.

Free Trial

InsightIDR

Rapid7’s incident detection and response solution unifying SIEM, EDR, and UBA capabilities.

Free Trial

Metasploitable

Virtual machines full of intentional security vulnerabilities. Exploit at will!

Download Now