Home / Linux / What is Metasploit? And how to use this popular hacking tool

What is Metasploit? And how to use this popular hacking tool

Metasploit definition

Metasploit is a penetration testing framework that makes hacking simple. It’s an essential tool for many attackers and defenders. Point Metasploit at your target, pick an exploit, what payload to drop, and hit Enter.

It’s not quite as simple as that, of course, so let’s begin at the beginning. Back in ye olden days of yore, pentesting involved a lot of repetitive labor that Metasploit now automates. Information gathering? Gaining access? Maintaining persistence? Evading detection? Metasploit is a hacker’s Swiss army chainsaw (sorry, Perl!), and if you work in information security, you’re probably already using it.

Better still, the core Metasploit Framework is both free and libre software and comes pre-installed in Kali Linux. (It’s BSD-licensed, in case you’re curious). The framework offers only a command-line interface, but those wanting GUI-based click-and-drag hacking — plus some other cool features — can drop a bundle for per-seat licenses to Metasploit Pro.

Let’s take a closer look at how Metasploit works, and its history.

History of Metasploit

HD Moore began working on Metasploit in the early oughts, and released 1.0, written in Perl, in 2003. The project has grown dramatically since then, from the original 11 exploits the project came with to more than 1,500 now, plus around 500 payloads, with a switch to Ruby under the hood along the way.

Security outfit Rapid7 acquired both Metasploit and Moore in 2009. (Moore left the project in 2016.) Metasploit has since become the de facto framework for exploit development, despite competition from Canvas and Core Impact. Today it is common for zero day reports to include a Metasploit module as proof of concept.


>> Source Link

Check Also

SUSE Manager 4: Traditional server management marries DevOps

​Agile and DevOps: 7 tips for creating the right culture New strategies are changing how …

%d bloggers like this: