The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide.
Metasploit now has 613 exploit modules and 306 auxiliary modules, from 551 and 261 respectively in version 3.4.
General release notes for 3.5.0:
- Sessions now include additional information by default. This is often the username/hostname of the remote session.
- Dead sessions are now automatically detected and closed without requiring user interaction.
- The msfcli interface is now a thin wrapper around msfconsole; auxiliary modules and passive exploits now work.
- All modules now track which local user launched them (via module.owner)
- Resolve Windows error codes intro descriptive strings
- Automatically choose a preferred “reverse” payload if non was specified
- Warn the user if an antivirus program has corrupted the installation (EICAR canary)
- A socks4a proxy auxiliary module is available capable of routing through a meterpreter session
- Host names will now resolve properly on Windows with Ruby 1.9.1+
- Improved performance and accuracy of FTP and telnet brute force scanners.