I use this solution to check if there are any vulnerabilities that I find during scanning.
Senior Manager of System Security at a tech services company with 1,001-5,000 employees
The integration between Nmap, the database and Metasploit saves a lot of time. The initial setup was a bit tricky.
Pros and Cons
- "It's not possible to do penetration testing without being very proficient in Metasploit."
- "The initial setup was a bit 'tweaky' for the open-source version."
What is our primary use case?
How has it helped my organization?
The search engine is actually pretty cool. It actually allows you to search the vulnerability very fast, and the big difference is that the exploit you see on Metasploit has been tested and imported; it's going to work and it is not going to crash anything. That's a big thing. That's basically why I use it.
What is most valuable?
The most valuable one is the integration between Nmap, the database and Metasploit. That saves a lot of time.
For how long have I used the solution?
More than five years.
Buyer's Guide
Rapid7 Metasploit
December 2024
Learn what your peers think about Rapid7 Metasploit. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
I had some issues with stability in the past, but it appears that the latest upgraded version has sorted out those issues.
What do I think about the scalability of the solution?
I do not think it scales. But I do not understand why someone would want to scale Metasploit, as it is very specific on what you are attacking. It attacks a particular server. You can only scale if you are using Nmap.
How was the initial setup?
The initial setup was a bit "tweaky" for the open-source version.
What's my experience with pricing, setup cost, and licensing?
I use the open-source version, not the paid version of this product.
Which other solutions did I evaluate?
We looked at Metasploit vs Tenable Nessus and Metasploit vs OpenVAS. These solutions were more general scanners, and not as precise as Metasploit.
What other advice do I have?
It's not possible to do penetration testing without being very proficient in Metasploit. It's impossible.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Manager of Data Center at an integrator with 51-200 employees
Metasploit is the top choice of the best information security professionals and penetration testers
Valuable Features:
Good features:
1) Availability of both graphical and command line interfaces.
2) HTML based report collection
3) Integration with PostgreSQL
4) Integration of NMAP for network scanning, brute force techniques
5) Around 800 active modules with exploits for Linux, BSD, Microsoft and macOS
6) Collaboration with team feature also available
7) Open Source
8) Integration with Backtrack OS
Room for Improvement:
A few cons of Metasploit are:
1) Exploit updates are slow after security patches to a certain OS
2) High resource utilization when run under Windows 7 and Windows Server 2008 R2
3) Fewer browser exploits
4) Payloads not extremely effective against updated antiviruses.
Other Advice:
Metasploit is the most favored toolkit for network security professionals and penetration testers. It is one of the best tools for zero day exploits and payloads for operating systems such as Microsoft Windows, Linux, and Sun Solaris. Metasploit, which has been written in Ruby, provides the ability to seamlessly create and simulate attacks on networks and provide protection. It deals with the largest database of exploits available to date in a single tool for both active and passive attacks on networks and applications.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees
Open-source, simple and quick to install, with a variety of payload options
Pros and Cons
- "Rapid7 Metasploit is a useful product."
- "Rapid7 Metasploit can add a GUI feature because it is only available online."
What is our primary use case?
We mainly use Rapid7 Metasploit for the network penetration testing activities.
We have used the payload during our penetration testing activities.
What is most valuable?
It is easy to use.
Rapid7 Metasploit is a useful product.
It has a very long list of available payloads.
What needs improvement?
Rapid7 Metasploit can add a GUI feature because it is only available online.
While it is simple to use, including a GUI would make things easier. It would be very helpful.
For how long have I used the solution?
I have been using Rapid7 Metasploit for more than four years.
What do I think about the scalability of the solution?
Our company performs penetration testing for our clients. It is not used in the client's organization by any users normally; instead, it is used by the penetration tester, who performs the penetration testing activities.
Our company is a professional services company with 15 team members. All 15 team members are using this solution.
How are customer service and support?
We have not opened any tickets, as we have not experienced any issues.
Also, the free version does not offer support; it is only included with the Pro Version.
If you're using the free version, there's an online community where you can look for a similar problem that needs to be solved.
How was the initial setup?
The initial setup is straightforward. It's very easy to install Rapid7 Metasploit.
It's only five minutes to install.
This solution can be deployed and managed by a single person.
What's my experience with pricing, setup cost, and licensing?
There are two versions available, one of which is the Pro version, and the other is the free version.
In the four years that we've been using this solution, we've only used the free version. We haven't had any reason to use the Pro Version.
What other advice do I have?
I would recommend this solution to others who are interested in using it.
I would rate Rapid7 Metasploit an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.