Metasploit Professional, Scientific, and Technical Services Reviews & Insights

Score9 out of 10

19 Reviews and Ratings

Community insights

TrustRadius Insights for Metasploit are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Pros

Easy to use: Users have found Metasploit to be easy to use, with several reviewers highlighting its intuitive interface and seamless navigation. Some users felt that the tool was user-friendly.

Integration with other tools: The integration of Metasploit with other tools like NMAP has been praised by many reviewers for enhancing its functionality and expanding its capabilities. Several users appreciated the seamless integration of Metasploit with complementary tools.

Automation capabilities: Many users have emphasized the automation capabilities of Metasploit, stating that it significantly reduces the time and effort required for manual tests and exploits. A significant number of reviewers highlighted the time-saving benefits provided by the automation features in Metasploit.

Metasploit Reviews

3 Reviews

Professional, Scientific, and Technical ServicesInformation Technology & Services2Computer & Network Security1

Good Tool for VAPT

Rating: 10 out of 10

Incentivized

April 29, 2021

Use Cases and Deployment Scope

Metasploit is used by my organization to identify system weakness and attempt to exploit them to demonstrate the weakness. It is an easy tool used by the security team to identify, isolate, and demonstrate the weakness and allow for verification of the remediations. As an industry-recognized tool, there is no dispute from different vendors when using the tool.

Pros

Test known exploits
Segregated workspaces for different projects
Updated databases of exploits

Cons

Improve dashboard to allow C levels to better understand the concerns
Exporting the results or integrate with reporting tools
Options to manage the payloads

Likelihood to Recommend

It is easy to use with sufficient documentation on how to use the tools for end users or newbies. Experienced testers will find it easy to customise and configure the test cases. Just wished that I could have taken up a course on using this tool in my study days so that I could had explored more and improved my familiarity with the tool, unlike when working where access and time to explore the other features of the tool is limited.

Verified User

Consultant in Information Technology (Information Technology & Services company, 1001-5000 employees)

Vetted Review

8 years of experience

Verify and learn with Metasploit

Rating: 9 out of 10

Incentivized

May 14, 2018

Use Cases and Deployment Scope

I have used Metasploit in my current and past positions to validate vulnerabilities found in other scanners and to run additional scans and tests not found by a vulnerability scanner. Metasploit is also very good for server hardening by allowing full testing before deployment.

Pros

Vulnerability exploiting
Tool integration such as with NMAP
Very intuitive interface and searching

Cons

More robust menus
Better plugin inter-operation

Likelihood to Recommend

Very useful for exploitation validation. When a vulnerability scanner shows a machine is vulnerable to an exploit manual testing is always a preferred practice to ensure it is not a false positive from the scanner. Manual validation allows the tester to better understand the exploit and how to properly defend from it.

Alan Matson, CCNA:S, MCP

Senior Network Security Engineer in Information Technology at Insight (Information Technology and Services, 5001-10,000 employees)

Vetted Review

10 years of experience

View profile

Metasploit Unleashed - Organized Collaborative Pentesting

Rating: 10 out of 10

Incentivized

August 1, 2016

Use Cases and Deployment Scope

Metasploit is one of the commonly used frameworks inside of our network security department. Our teams are able to use Metasploit's workspace system to work collaboratively on large, comprehensive network penetration tests. Metasploit helps to launch payloads and to gather and store information about systems.

Pros

Workspaces: Metasploit allows for the creation of "workspaces," which allow for shared and collaborative penetration testing.
Information management: Metasploit stores and displays detailed information about devices and networks that would otherwise be difficult to manage.
Community driven: Many developers from all over the world contribute to Metasploit. This helps to keep it functioning well and up-to-date.

Cons

If Metasploit could support payloads written in languages other than Ruby, that would be amazing and could help draw in a larger set of contributors.

Likelihood to Recommend

Collaborative network penetration testing: Workspaces allow for team members to work together and securely share information during a network penetration test.

Information management: Metasploit stores and displays information in an organized, easy-to-manage format. The framework can store detailed information about thousands of devices, as well as "loot," such as usernames, passwords, credit card information, and other sensitive information captured during a penetration test.

Verified User

Engineer (Computer & Network Security company, 11-50 employees)

Vetted Review

3 years of experience

Loading Reviews List....