First major release in eight years promises security service practitioners new ways to integrate with external tools
For the first time since 2011, security pros have a major new release of Metasploit in their attack and exploit development toolkit. Rapid7 late last week announced version 5.0 of the venerable pentesting framework, which adds new integration functionality, evasion capabilities, and expanded language support.
The Lowdown: Topping the list of updates in Metasploit 5.0 is the way the framework interacts with data and other tools. On top of its current PostgreSQL back-end database, Rapid7 has added the ability to run the database as a RESTful service, to facilitate interaction with multiple Metasploit consoles and external tools and boost performance.
Metasploit 5.0 also gets a new JSON-RPC API for expanded integration with third-party tools. Metasploit’s proprietary automation protocol has been updated to a common Web service framework for its database and automation APIs.
The Details: The latest version of Metasploit also allows users to execute exploit modules against multiple targets at the same time, a first for the framework.
Other improvements include faster and more advanced module search capabilities, a new metashell feature that adds Meterpreter-like capabilities with less complexity, and support for Go, Python, and Ruby programming languages for developing external modules.
The Impact: Penetration testing and advanced vulnerability assessments are on the menu for only the most mature of managed security service providers. For those that do offer those services, however, platforms like Metasploit are as critical as RMM and PSA tools are to generic MSPs.
The Buzz: In a blog post announcing the new release, Brent Cook, senior manager at Rapid7, said the new Metasploit “brings many new features, as well as a fresh release cadence. Metasploit’s new database and automation APIs, evasion modules and libraries, expanded language support, improved performance, and ease-of-use lay the groundwork for better teamwork capabilities, tool integration, and exploitation at scale.
“Metasploit 5.0 is the first step in modernizing how Metasploit interacts with data and other tools,” Cook added. “Metasploit now has a more mature development process that we hope to continue leveraging in the future to enable even bigger improvements to the code base.”