The Metasploit penetration testing framework has always been about finding ways to exploit IT, in an effort to improve defense. The new Metasploit 4.5 release from security vendor Rapid7 goes a step further than its predecessors, offering a new phishing engine and updated exploit modules.