Security Dashboard
Wednesday 23 December 2009 - 543 read - ( Keywords : Exploitation , Framework , Metasploit , Penetration testing & Ethical Hacking )
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
Metasploit Framework v3.3.3
All exploits now contain a ranking that indicates how dangerous the default settings are to the target host.
The search command now takes a -r option to specify a minimum ranking of modules to return.
The db_autopwn and nexpose_scan commands now take a -R option to specify a minimum ranking of modules to run.
The InitialAutoRunScript option has been added to Meterpreter, providing a way for exploits to specify required post-exploit tasks (migrate out of a dying process).
jRuby 1.4.0 can be used to run some parts of the framework, however it is not supported or recommended at this time.
The sessions command can now run a single command (-c) or a script (-s) on all open sessions at once.
The Win32 EXE template is now smaller (37k from 88k).
POSTSCRIPTUM
Download Metasploit Framework v3.3.3
COMPLIANCE MANDATES
Penetration testing & Ethical Hacking : PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2RELATED ARTICLES
Exploitation,
Framework,
Metasploit,
Penetration testing & Ethical Hacking,
1 April 2010 : Metasploit 3.3.3-Tokamac Released23 December 2009 : Metasploit Framework updated to v3.3.316 December 2009 : Metasploit Framework v3.3.2 released3 December 2009 : Metasploit Framework v3.3.1 released17 November 2009 : Metasploit Framework v3.3 released (includes support for Windows 7)
