Test your network to uncover exploitable security gaps with Metasploit
- Safely simulate attacks on your network to uncover pressing security issues with the industry’s most complete set of exploits.
- Further assess and validate vulnerabilities in your environment.
- Verify your defenses, security controls, and mitigation efforts with advanced evasion techniques, testing for weak credentials, and the ability to manage penetration tests at scale.
- Manage phishing exposure through testing both user awareness and technical controls.
Are you using Metasploit Express and wondering what Metasploit Pro could do for you? This document outlines the most important differences between Metasploit Pro and Metasploit Express. In general terms, Metasploit Pro is a fully-featured security solution for security programs and advanced penetration tests in mid-sized and enterprise security teams. By contrast, Metasploit Express is the low-cost, entry-level edition with a limited feature set.
Security Auditing Wizards
Simplify and Operationalize Security Testing
VPN pivoting
Team Collaboration
PCI DSS and FISMA Reporting
Web app scanning
SQL injection or cross-site scripting attacks are successful. Prove where you are vulnerable with Metasploit Pro and lock the barn door before the horses get out.
Social engineering: Managing User Risk
- Opened the email
- Clicked on the link
- Submitted a web form
- Used an exploitable browser
Enhanced command-line console
Everyone has a preference, and you've got yours. Our penetration testing software allows you to choose your favorite user interface - web-based or command-line - or mix it up!New to Metasploit? Use the web-based interface to reduce the need for training, and get the job done faster.Metasploit veteran? Use the advanced CLI functionality of Metasploit Pro to get access to new, high-level commands, better manage your data and generate a single report for all activities.Integration and Automation
Many drive-by attacks have become automated, so security professionals are at a disadvantage if they don't follow suit. With Metasploit Pro you can become more productive using the following ways to automate and integrate:- Metasploit Pro API: Build your own automation from from scratch, integrate with GRC and SIEM solutions, as well as custom vulnerability management tools while getting all that Metasploit Pro has to offer. Our integrations and feature set are improving every day, but don’t let us hold you back!
- Task chains: Set up custom workflows without having to write a single line of code. Task chains can be scheduled to run manually, one, or at scheduled intervals. Complete simple tasks or entire penetration tests, and have the reports sent to you by email after the workflow has completed.
Vulnerability Verification
Post-Exploitation Macros and Persistent Sessions
Tagging Hosts
Managing your target assets and organizing your work is time consuming and maintaining a spreadsheet of IP addresses isn’t the most efficient or secure tactic. Metasploit Pro keeps track of all hosts and enables you to tag hosts to assign hosts to a person, mark the scope of a project, or flag high-value targets. Hosts can also be tagged by source (from Nexpose, internal scan, list from IT). Tags also serve as references for later actions; for example, if you've marked certain hosts with the "pci" tag, you can then start a smart exploitation action on these machines simply by entering #pci into the hosts field.Metasploit Express
For security professionals in enterprises and government agencies.Mobilisafe
For organizations seeking to manage the risk associated with mobile devices.Top Features Overview: Free vs. Commercial Metasploit Editions
Feature | Details | Metasploit Framework | Metasploit Community | Metasploit Express | Metasploit Pro |
---|---|---|---|---|---|
License | Use one of several editions. Commercial licenses are annual named-user licenses with unlimited installs per user. | Free | Free | $5,000 | Call |
Quick Start Wizards | Conduct baseline penetration tests to find low-hanging fruit, web app tests, or phishing campaigns. Shortcut the first steps of an engagements and go deeper after the Wizard completes. | Y | |||
Smart Exploitation | Have Metasploit auto-select all exploits that match fingerprinted devices and services. Select a minimum reliability ranking for safe testing. Supports dry-run to see which exploits would be run before launching them. | Y | Y | ||
Credentials Bruteforcing | Try out the most common or previously captured passwords on more than a dozen service types with one command. Password hashes can be automatically cracked if based on weak passwords or used in pass-the-hash attacks. | Y | Y | ||
MetaModules | MetaModules simplify and operationalize security testing for IT security professionals. Many security testing techniques are either based on cumbersome tools or require custom development, making them expensive to use. To expedite this testing, MetaModules automate common yet complicated security tests that provide under-resourced security departments a more efficient way to get the job done. | Y | |||
Closed-loop Risk Validation | Verify vulnerabilities and misconfigurations to prioritize risks and return the results into Nexpose | Y | |||
Web App Testing | Scan, audit and exploit web applications for vulnerabilities, including the OWASP Top 10 2013. | Y | |||
Social Engineering | For Penetration testers: Send
out phishing emails containing attachments or links to websites hosting
exploits or fake login forms. Create USB flash drives with malicious
files to compromise a machine. | Y | |||
Pro Console | Advanced command-line functionality of Metasploit Pro to get access to new, high-level commands, better manage your data and generate a single report for all activities, increasing your overall productivity. | Y | |||
Reporting | Create
basic penetration testing reports without cutting and pasting
information, including audit reports and compromised hosts reports. | (Y) | Y | ||
Advanced Anti-virus Evasion | Use advanced anti-virus evasion techniques, such as custom executable templates, to ensure that your payload does not get stopped by anti-virus solutions on the target host. | Y | |||
VPN Pivoting | Get full layer-2 network access through a compromised host, enabling you to use any network-based tool through a compromised host, e.g. a vulnerability scanner, to get more visibility and use advanced techniques. | Y |
Detailed Metasploit Editions Comparison Table
Feature | Details | Metasploit Framework | Metasploit Community | Metasploit Express | Metasploit Pro |
---|---|---|---|---|---|
Pricing | |||||
License | Use one of several editions. Commercial licenses are annual named-user licenses with unlimited installs per user. | Free | Free | $5,000 | Call |
User Interface | |||||
Web-based User Interface | User-friendly web-based user interface that increases productivity and reduces training needs. | Y | Y | Y | |
Command-Line Interface | Basic command-line interface, most prominently used in Metasploit Framework. | Y | Y | ||
Pro Console | Advanced command-line functionality of Metasploit Pro to get access to new, high-level commands, better manage your data and generate a single report for all activities, increasing your overall productivity. | Y | |||
Penetration Testing | |||||
Comprehensive Exploit Coverage | Metasploit includes the world's largest public collection of quality-assured exploits. | Y | Y | Y | Y |
Manual Exploitation | Select a single exploit to launch against a single host. | Y | Y | Y | Y |
Basic Exploitation | Select a single exploit to launch against any number of hosts in your environment. | Y | Y | Y | |
Smart Exploitation | Have Metasploit auto-select all exploits that match fingerprinted devices and services. Select a minimum reliability ranking for safe testing. Supports dry-run to see which exploits would be run before launching them. | Y | Y | ||
Exploitation Chaining | Automatically combine several exploits and auxiliary modules, e.g. to compromise Cisco routers | Y | |||
Evidence Collection | Collect evidence of compromise with one button, including screenshots, passwords and hashes, and system info | Y | Y | ||
Post-exploitation Macros | Automatically launch a customized set of post-exploitation modules after successfully compromising a machine, e.g. to automatically collect evidence from hosts. | Y | |||
Persistent Sessions | Re-establish a session after a connection gets interrupted, e.g. because of a phished user who closes his laptop. | Y | |||
Bruteforcing Credentials | Try out the most common or previously captured passwords on more than a dozen service types with one command. Password hashes can be automatically cracked if based on weak passwords or used in pass-the-hash attacks. | Y | Y | ||
Social Engineering | Send out phishing emails containing attachments or links to websites hosting exploits or fake login forms. Create USB flash drives with malicious files to compromise a machine. | Y | |||
Web App Testing | Scan, audit and exploit web applications for vulnerabilities, including the OWASP Top 10 2013. | Y | |||
IDS/IPS Evasion | Get to the target without being detected through IDS/IPS evasion | Y | |||
Advanced Anti-virus Evasion | Use advanced anti-virus evasion techniques, such as custom executable templates, to ensure that your payload does not get stopped by anti-virus solutions on the target host. | Y | |||
Proxy Pivoting | Use a compromised machine to launch an exploit against another target. | Y | Y | Y | Y |
VPN Pivoting | Get full layer-2 network access through a compromised host, enabling you to use any network-based tool through a compromised host, e.g. a vulnerability scanner, to get more visibility and use advanced techniques. | Y | |||
Reporting | |||||
Basic Reporting | Create basic penetration testing reports without cutting and pasting information, including audit reports and compromised hosts reports. | Y | Y | ||
Replay Scripts | Generate scripts that replay an attack so that your customers can test if remediation worked. | Y | Y | ||
Advanced Reporting | Create reports for web application testing and social engineering campaigns as well as compliance reports that map findings to PCI DSS or FISMA requirements. | Y | |||
Productivity Enhancements | |||||
Quick Start Wizards | Conduct baseline penetration tests to find low-hanging fruit, web app tests, or phishing campaigns. Shortcut the first steps of an engagements and go deeper after the Wizard completes. | Y | |||
MetaModules | MetaModules simplify and operationalize security testing for IT security professionals. Many security testing techniques are either based on cumbersome tools or require custom development, making them expensive to use. To expedite this testing, MetaModules automate common yet complicated security tests that provide under-resourced security departments a more efficient way to get the job done. | Y | |||
Discovery Scans | Leverage the integrated nmap scanner in combination with advanced fingerprinting techniques to map out the network and identify devices | Y | Y | Y | |
Data Management | Track all discovered and found data in a searchable database. Find outliers through the Grouped View. | Y | Y | Y | |
Tagging | Tag hosts to assign hosts to mark an import source, a person, mark the scope of a project, or flag high-value targets. Use tags to refer back to hosts in later actions. | Y | |||
Task Chains | Create custom workflows to start manually, schedule once or on an ongoing basis. | Y | |||
Pro API | Use an advanced, fully documented API to integrate Metasploit Pro into SIEM and GRC solutions or create custom automations and integrations. | Y | |||
Integrations | Integrate out-of-the-box with GRC and SIEM solutions | Y | |||
Team Collaboration | Work on the same project with several team members, splitting the workload and leveraging different levels of expertise and specialization. Share all information and create a unified report. | Y | |||
Security Programs | |||||
Closed-loop Risk Validation | Verify vulnerabilities and misconfigurations to prioritize risks and return the results into Nexpose | Y | |||
Managing Phishing Exposure | Send out simulated phishing emails to measure user awareness, including how many people clicked on a link in an email or entered credentials on a fake login page, and deliver training to users who've shown risky behavior. | Y | |||
Vulnerability Verification | |||||
Vulnerability import | Import output files from Nexpose and third-party vulnerability scanners | Y | Y | Y | Y |
Web vulnerability import | Import output files from various third-party web application scanners | Y | Y | ||
Nexpose scans | Start a Nexpose scan from within the interface. Results are automatically imported to Metasploit. | Y | Y | Y | |
Direct Import | Directly import existing Nexpose scans by site. | Y | |||
Vulnerability exceptions | Push vulnerability exceptions back into Nexpose after verification, including comments and expiration date of how long vulnerability should be suppressed from Nexpose reports. | Y | Y | ||
Closed-loop Integration | Tag and push exploitable vulnerabilities back to Nexpose for follow-up. | Y | |||
Re-run Session | Re-run an exploit to validate that a remediation effort, e.g. patch or compensating control, is successful. | Y | Y | ||
Support | |||||
Community Support | Get peer support through Rapid7 Security Street | Y | Y | Y | Y |
Rapid7 Support | Get Rapid7 24/7 email and phone support | Y | Y |
Download Metasploit (Trial):
Windows: http://downloads.metasploit.com/data/releases/metasploit-latest-windows-installer.exe
Linux 64 bit: http://downloads.metasploit.com/data/releases/metasploit-latest-linux-x64-installer.run
Linux 32 bit: http://downloads.metasploit.com/data/releases/metasploit-latest-linux-installer.run
License Key Nexpose Community Edition:
DZRX-3QH0-JR3Z-5JBG
SR85-61T5-JVJ8-YHJM