HD Moore, criador e mantenedor do Metasploit, framework de segurança mais utilizado no mundo, acaba de lançar mais um produto para comunidade de segurança que tem como objetivo fornecer um interface gráfica, básica, para quem já utiliza o metasploit. O texto do próprio Moore diz que essa nova ferramenta, Metasploit Community Edition, traz uma outra série de benefícios, confiram abaixo:
- A simple graphical user interface, which makes it much easier to get started with vulnerability verification and security assessments than command-line based alternatives.
- Network discovery, enabling users to map their networks by identifying hosts, scanning for open ports and fingerprinting their operating systems and services.
- Integration with vulnerability scanners, so scan data from Rapid7 Nexpose, Nmap and a dozen other solutions can be imported directly into Metasploit Community. Nexpose scans can also be initiated and sites imported directly from within Metasploit Community.
- Basic exploitation, enabling users to verify which vulnerabilities are actually exploitable and must be remediated – and which ones don’t. This increases productivity and reduces the cost of a vulnerability management program and helps prevent data breaches.
- Module browser, leveraging the world’s largest database of quality-assured exploits so users can easily find the right exploit. Each module includes a reliability ranking, indicating its typical success rate and impact on the target system.
- Security and IT professionals can easily upgrade from Metasploit Community to Metasploit Pro, continuing to work with the familiar interface on the existing installation. Metasploit Pro adds more powerful capabilities, including smart exploitation, password auditing, Web application scanning, post-exploitation, social engineering, team collaboration, comprehensive reporting and enterprise-level support.
Vejam como é essa nova interface: