The world’s most used penetration testing framework

The Metasploit Framework is both a penetration testing system and a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C, many flavors of Assembly, Python, Powershell, PHP, and other languages.

The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload. Hundreds of exploits and dozens of payload options are available.

lightbulb_outline View ideas list


  • ruby
  • postgresql
  • python
  • c
  • assembly


  • Security
  • security
  • penetration testing
  • offensive security
  • exploitation
comment IRC Channel
email Mailing list
mail_outline Contact email

Metasploit 2018 Projects

  • Yihang Wang
    Add meta-shell commands for reverse shell session
    Shell sessions typically expose a direct connection to a remote shell, but are lacking a number of nice features such as the ability to stop a remote...
  • Eliott Teissonniere
    Improving post exploitation features on POSIX systems
    As an IT student, I would like to take part in the GSOC 2018 by working on the Metasploit Project, the following proposal details the complete summer...
  • Rahul Dhawan
    Improving the Post-exploit / Meterpreter functionality
    Creation of a Meterpreter session Graphical User Interaction (UI) including visual listing of commands available and post modules that can be used...
  • zed009
    Integration plugin for 3rd party frameworks.
    This project tries to provide user the ability to use the functionalities, provided by third party external frameworks such as Pupy or PowerShell...
  • Albertor
    Post-exploitation interface module to make it easy for anyone anywhere
    In many cases once you have exploited a device you don’t know exactly what to do or how to go on. Maybe you have many payloads available and after...