Metasploit Research
SUBJECT: Technical Paper on the Metasploit Project
1. The Metasploit framework was originally a framework developed in PERL scripting language by HD Moore in 2003. He initially developed this framework as a network tool for penetration testing using common publically known methods. The Metasploit framework later was rewritten in the RUBY programming language. Since it’s creation it has become the largest and most widely used tool for penetration testing by nearly every security firm and penetration testing companies.
2. HD Moore’s creativity and precision forethought has allowed hundreds of thousands of organizations to be able to conduct security audits without a vast knowledge of programming, reverse engineering, and network attack specialty skill sets. Before the days of The Metasploit framework, a vulnerability assessment required a person or team of highly specialized engineers to inform the leaders of the organization on how to secure their network and applications from possible threats. 3. With the availability of the Internet, almost any computer savvy person can begin using the Metasploit framework in order to conduct a vulnerability assessment. Now with these assessments comes a risk that must be accepted or migrated by the leadership of an organization. There are a great number of security related youtube videos out there to teach and demonstrate how to use the Metasploit framework. The framework can be run on almost any OS platform out there today that is use by the masses. It can be run by using Unix/Linux, Mac OS X, and also on Windows. With this sort of interoperability it allows the user of the framework to run it natively on their host system without a lot of reconfiguration to an OS they are not familiar with.
4. One of the greatest features of the toolkit is that it is modular. This modular approach allows practically any combination of exploits, with almost any payload attached that is compatible with the targeted system.
1. The Metasploit framework was originally a framework developed in PERL scripting language by HD Moore in 2003. He initially developed this framework as a network tool for penetration testing using common publically known methods. The Metasploit framework later was rewritten in the RUBY programming language. Since it’s creation it has become the largest and most widely used tool for penetration testing by nearly every security firm and penetration testing companies.
2. HD Moore’s creativity and precision forethought has allowed hundreds of thousands of organizations to be able to conduct security audits without a vast knowledge of programming, reverse engineering, and network attack specialty skill sets. Before the days of The Metasploit framework, a vulnerability assessment required a person or team of highly specialized engineers to inform the leaders of the organization on how to secure their network and applications from possible threats. 3. With the availability of the Internet, almost any computer savvy person can begin using the Metasploit framework in order to conduct a vulnerability assessment. Now with these assessments comes a risk that must be accepted or migrated by the leadership of an organization. There are a great number of security related youtube videos out there to teach and demonstrate how to use the Metasploit framework. The framework can be run on almost any OS platform out there today that is use by the masses. It can be run by using Unix/Linux, Mac OS X, and also on Windows. With this sort of interoperability it allows the user of the framework to run it natively on their host system without a lot of reconfiguration to an OS they are not familiar with.
4. One of the greatest features of the toolkit is that it is modular. This modular approach allows practically any combination of exploits, with almost any payload attached that is compatible with the targeted system.