November 25, 2009

Metasploit 3.3 Released

What is Metasploit?

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

What does it do?

The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.

Metasploit has come a long way since it’s early versions and have received notable support from the security community.

  • Metasploit now has 445 exploit modules and 216 auxiliary modules (from 320 and 99 respectively in v3.2)
  • Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (375k lines of Ruby)
  • Over 180 tickets were closed during the 3.3 development process

Full release notes for v3.3 are here. Or read more here.

You can download Metasploit 3.3 here:

Windows – framework-3.3.exe
Linux – framework-3.3.tar.bz2