Metasploit security tool gets update

The Metasploit Project has updated its signature open-source exploit framework to Version 3.1, adding a new graphical interface for Windows that will boost the number of researchers and hackers who are able to use the attack software, according to its lead developer.

Share

The Metasploit Project has updated its signature open-source exploit framework to Version 3.1, adding a new graphical interface for Windows that will boost the number of researchers and hackers who are able to use the attack software, according to its lead developer.

"It's a minor update, but it's the result of 10 months of hard work," said HD Moore, the noted exploit researcher who created Metasploit and remains its project leader. "The big things in 3.1 is that we've solidified the APIs and added a GUI to Windows.

"Metasploit 3.0 [on Windows] was difficult to use. This, though, is a platform we can build on," said Moore

Other enhancements planned for the near future - Moore cited a timeline of three or four months - will hopefully position Metasploit to be a closer competitor to commercial attack and penetration testing frameworks, like Immunity's Canvas or Core Security Technologies' Core Impact, he added.

Scores of new exploit modules are included with the update. Most, however, have been available to Metasploit users via its ongoing development tree, Moore said. They include several exploits for the iPhone that Moore made public in late September 2007.

"Recommended For You"

Attack code published for two unpatched Microsoft exploits Attack code for new Windows 7 IE zero-day exploit revealed