Linux Today: Linux News On Internet Time.

Does Metasploit Have a Future?

Nov 25, 2009, 22:03 (1 Talkback[s])
(Other stories by Paul Rubens)

[ Thanks to Michael Hall for this link. ]

"The future of Metasploit, the highly respected, open source penetration testing framework founded by renowned security expert H.D. Moore, was plunged into doubt last month following the announcement that the project had been acquired by Rapid7.

"Boston-based Rapid7 is known for its closed-source NeXpose vulnerability scanning and reporting product, and fears were immediately raised that the acquisition of Metasploit would lead to the inevitable demise of the open-source Metasploit project as it exists today. Metasploit is favored by penetration testers, corporate security staff (and hackers) because it is open source and free, but mainly because of Moore's expertise and the wide community of security experts which contributes modules to Metasploit. Alternative penetration testing systems such as Core Security Technologies' Core Impact and Immunity's Canvas are arguably easier to use, but are too expensive for many smaller organizations to buy.

"The fears may be based on the precedent of Nessus, an open source vulnerability scanner which was very popular before it went closed source in 2005. Nessus is now only available for commercial use with a subscription, and lacks the community contribution that Metasploit currently enjoys."

Complete Story

Related Stories: