fbpx

Metasploit 4 Advance Penetration Testing Tool

Metasploit has changed the way of Penetration testing it provides complete automatic environment to attack, finding vulnerability and their exploits. As discuss before the advantages of automated penetration testing, for automated test metasploit is the best tool. You can find the complete description with basic usage of metasploit here.

The newer version of metasploit is version 4 that will release very soon so in this article i will try to discuss the features of metasploit 4.

According to the official blog the new version contain 36 new exploits, 27 new post-exploitation modules and 12 auxiliary modules. The new version also contain the exploits for browsers like Firefox and Internet explorer, improved 64-bit Linux payload. Some more features are:  
  • Increased exploitation speed
  • Updated social engineering campaigns, including the ability to clone existing websites and edit HTML in a rich editor
  • Updated user interface to simplify managing large projects
  • Easily re-run tasks that have been aborted by the user
  • Global settings for configuring NeXpose scan engines, macros, and API keys
The new version will provides the advance option for import different scan results from third party web application scanners and vulnerability assessment tools. If you want to import result of nessus into metasploit than follow the link to learn.

The metasploit 4 also provides offline password cracking function, for this purpose metasploit will use john the ripper for cracking weak passwords. You can even Integrate Metasploit Pro with your Security Information and Event Management (SIEM).

There are various ways to deploy metasploit like you can now deploy Metasploit as a VMware image using VMware vSphere. Session establishment is not a big problem now, Meterpreter now supports persistent agents and listeners so that the target machine actively re-establishes a session when it drops. Agents automatically expire after a pre-configured amount of time.

If you want to learn more about the metasploit 4 and its features than there two beautiful article available:

Metasploit 4.0 is coming soon!

Metasploit 4 Advances Enterprise Security

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...