Metasploit: PUT YOUR DEFENSES TO THE TEST
PENETRATION TESTING FOR OFFENSIVE SECURITY TEAMS
Knowing the adversary's moves helps you better prepare your defenses. Metasploit, backed by a community of 200,000 users and contributors, gives you that insight. It's the most impactful penetration testing solution on the planet. With it, uncover weaknesses in your defenses, focus on the highest risks, and improve your security outcomes.
Know Your Weak Points
It's vital to find your vulnerabilities before a malicious attacker does.
Utilize world's largest exploit database
Leading the Metasploit project gives Rapid7 unique insights into the latest attacker methods and mindset. Rapid7 works with the community to add an average of 1 new exploit per day, currently counting more than 1,300 exploits and more than 2,000 modules.
Simulate real-world attacks against your defenses
Metasploit evades leading anti-virus solutions 90% of the time and enables you to completely take over a machine you have compromised from over 200 modules. Pivot throughout your network to find out just how far an attacker can get.
Uncover weak and reused credentials
Test your network for weak and reused passwords. Going beyond just cracking operating system accounts, Metasploit Pro can run bruteï¿½??force attacks against over 20 account types, including databases, web servers, and remote administration solutions. In addition, it can utilize specialized tools designed to expose credentials' scope and effectively gauge impact of an exposed credential.
Express Baseline Penetration Tests
For IT Generalists in SMBs
- Community features plus:
- Smart Exploitation
- Automated Credentials Brute Forcing
- Baseline Penetration Testing Reports
Advanced Penetration Tests & Enterprise Security Programs
For Penetration Testers and IT Security Teams
- Express features plus:
- Wizards for standard baseline audits
- Task chains for automated custom workflows
- MetaModules for discrete tasks such as network segmentation testing
- Dynamic payloads to evade leading anti-virus solutions
- Full access to an internal network through a compromised machine with VPN pivoting
- Closed-loop vulnerability validation to prioritize remediation
- Phishing awareness management & spear phishing
- Web app testing for OWASP Top 10 vulnerabilities
- Choice of advanced command-line (Pro Console) and web interface
- Integrations via Remote API
Use our penetration testing software to:
- Validate security risks as part of your vulnerability management program.
- Safely simulate attacks on your network to uncover security issues.
- Verify your defenses, security controls and mitigation efforts.
- Measure the effectiveness of your security awareness program.
- Audit password security beyond Windows and Linux logins.
Rapid7 Metasploit 4.14.2-2018032701 release includes:
- Unicode support: Launch social engineering campaigns in any language and phish targets with email clients that require UTF-8.
- More control over payloads: Use VPN pivoting and force a 64-bit Meterpreter for an exploit when selecting a payload.
- The HP iLO4 Web Interface module: The new auxiliary/admin/hp/hp_ilo_create_admin_account module uses an authentication bypass against vulnerable HP iLO4 web interfaces to make a new administrator account with full privileges.
Please contact BTSoftware for Metasploit Pro pricing