a penetration testing solution that provides security professionals with a better view of their threat landscape by integrating with more than a dozen vulnerability management and Web application scanners, and by providing data to security information and event management (SIEM) systems through a documented interface.
This enables defenders to identify vulnerabilities that could lead to a data breach and prioritize their remediation more effectively. Security teams increase their productivity by spending less time fixing unimportant vulnerabilities and have an effective way to verify that remediation was successful.
Metasploit Pro helps you improve your enterprise vulnerability management program and test how well your perimeter holds up against real world attacks:
- Identify critical vulnerabilities that could lead to a data breach so you know what to patch first
- Reduce the effort required for penetration testing, enabling you to test more systems more frequently
- Discover weak trust models caused by shared credentials that are vulnerable to brute forcing and harvesting
- Locate exposed, sensitive information with automated post-exploitation file system searches
The new capabilities in Metasploit Pro 4.0 now enable defenders to:
- Integrate Metasploit Pro with your security information and event management (SIEM) system to improve your dashboard information
- Import scan results from more than a dozen third-party Web application scanners and vulnerability assessment tools to prioritize vulnerabilities and eliminate false positives
- Increase productivity in your security team by integrating Metasploit Pro with NeXpose vulnerability management solutions to directly access vulnerabilities that need to be verified
- Automate verification of vulnerabilities and reporting through new programming interface and XML results
- Document compliance with FISMA reports that map findings to controls and requirements.
- Install on Windows, Ubuntu, or Red Hat Enterprise Linux
- Provision a VMware image to your data centers with VMware vSphere
- Host an Amazon Machine Image (AMI) in Amazon Elastic Compute Cloud (Amazon EC2).
- Automatically gather evidence with customizable post-exploitation macros
- Re-establish dropped shells with persistent sessions and listeners
- Replay previously successful attacks to verify remediation
- Easily crack encrypted passwords offline
- Remotely control Metasploit Pro through a programming Interface (RPC API)
- Pull penetration testing reports from Metasploit Pro in an XML format.
Official page: rapid7