New version of free Metasploit tool aimed at newbie penetration testers
Two years after Rapid7 acquired the Metasploit Project, the company has rolled out a free and more user-friendly version of the open-source tool that is aimed at less technical users.
The new Metasploit Community Edition is a combination of the popular open-source Metasploit Framework and a basic version of the user interface of Rapid7's Metasploit Pro commercial product.
HD Moore, Rapid7's CSO and chief architect for Metasploit, says the free pen-testing tool features a new user interface and automation of tasks to make penetration testing more approachable for organizations and users not necessarily versed in penetration testing. There's a growing number of organizations that want to get started with pen testing, either for compliance reasons or just to test it out, he says.
"There's a huge number who want to dip their toe into security and don't want a complex learning curve. They just want to test it, and some are scared to test it," says Moore, who is also the creator of Metasploit. "[Now] they can get familiar with Metasploit ... and make sure they can prioritize vulnerabilities" and other security issues, he says.
It was two years ago today that Rapid7 announced it had purchased Moore's open-source Metasploit pen-testing tool project, and that Moore had joined the company and was remaining in charge of the project.
Metasploit Community is available for download here.