.

Metasploit Express

<<

ziggy_567

User avatar

Sr. Member
Sr. Member

Posts: 378

Joined: Tue Dec 30, 2008 1:53 pm

Post Thu Apr 22, 2010 8:44 am

Metasploit Express

http://blog.metasploit.com/2010/04/appr ... 0-and.html

With the news of Metasploit being sponsored/bought by Rapid7 months ago it was inevitable that Metasploit would have a commercial offering. Personally, I think that this is a positive move as long as the Framework remains Open Source, but I'm curious to hear others' thoughts...
--
Ziggy


eCPPT - GSEC - GCIH - GWAPT - GCUX - RHCE - SCSecA - Security+ - Network+
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Thu Apr 22, 2010 7:58 pm

Re: Metasploit Express

At least they keep reassuring that there are no plans to charge for the standard version of Metasploit.
~~~~~~~~~~~~~~
Ketchup
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Thu Apr 22, 2010 9:55 pm

Re: Metasploit Express

Ketchup wrote:At least they keep reassuring that there are no plans to charge for the standard version of Metasploit.


Yea. I have no problem with them charging for extra bells and whistles. It sounds like the Metasploit we know and love will continue to improve while you now have the option to pay for a fancy GUI and extra features. That's win-win as far as I'm concerned. I love free software, but it's great that all those who contribute to the project can receive some financial kick-backs for all their efforts.
The day you stop learning is the day you start becoming obsolete.
<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Fri Apr 23, 2010 2:23 am

Re: Metasploit Express

i have no problem that they charge people for using additional features. I hope the command line will always be freely available for use and they may charge people for using the GUI (we all know what real ethical hackers use so no problem here)
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

pizza1337

Full Member
Full Member

Posts: 156

Joined: Mon Mar 08, 2010 5:29 pm

Post Fri Apr 23, 2010 5:13 am

Re: Metasploit Express

j0rDy wrote:i have no problem that they charge people for using additional features. I hope the command line will always be freely available for use and they may charge people for using the GUI (we all know what real ethical hackers use so no problem here)


agreed.
I don't use web and GUI version anyway..
well, i have used web version without knowing anything few years a go, i used whatever it had against my OS, and it never worked...
Knowledge Resource is Power.
<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Fri Apr 23, 2010 6:32 am

Re: Metasploit Express

lol, i must admit its a good way to get to know the tool, but it makes you lazy at the same time (just clicking everything, and autopwn doesnt help either in this case). It also doesnt help you to get further then script kiddie level...
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

robbk

Newbie
Newbie

Posts: 7

Joined: Thu Apr 02, 2009 7:16 am

Post Wed Apr 28, 2010 8:52 am

Re: Metasploit Express

My concern is that the majority of the development/bugfix/etc time will be spent on improving and fixing issues in the express version of metasploit, instead of on the framework itself.  That's not to say that the framework won't be improved, but the improvements will be driven by a desire to improve the express version, instead of improving the framework for its own sake.  This may lead to a lot of development work on features we'll never see.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Apr 28, 2010 1:44 pm

Re: Metasploit Express

recursivenickname wrote:My concern is that the majority of the development/bugfix/etc time will be spent on improving and fixing issues in the express version of metasploit, instead of on the framework itself.  That's not to say that the framework won't be improved, but the improvements will be driven by a desire to improve the express version, instead of improving the framework for its own sake.  This may lead to a lot of development work on features we'll never see.


Isn't Express going to run on the Framework? I don't think they're going to be independent products. It seems like Express is adding a GUI, automation, reporting, etc.
The day you stop learning is the day you start becoming obsolete.

Return to Tools

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software