The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.
The Metasploit Framework 4.4 has had 101 modules added since Metasploit 4.3: 68 exploits, 22 auxiliary modules, 9 post modules, 1 payload, and 1 encoder.
Official change log:
Metasploit Risk Validation for Nexpose Vulnerability Management: By integrating Metasploit Pro with Nexpose for risk validation, you can now prioritize the critical vulnerabilities that pose a real risk, fixing them before it’s too late. Now you can focus your efforts on what matters. Specifically, Metasploit Framework now tightly integrates with Nexpose by:
- Importing rich vulnerability data from Nexpose scans, sites, and XML
- Automatically validating the exploitability of many high-risk vulnerabilities
- Providing a simplified process to spot-check individual vulnerabilities
- Pushing granular exploit results back to Nexpose via Vulnerability Exceptions
- Pushing device classifications back to Nexpose Asset Groups via Metasploit Tags
- Enhancing Metasploit reports with detailed Nexpose scan data
Security professionals benefit from the integration in the following ways:
- Quickly identify high-risk vulnerabilities not protected by compensating controls
- Measure the effectiveness of defensive solutions designed to mitigate vulnerabilities
- Increase credibility and reduce friction between IT operations and security teams
No comments:
Post a Comment