availability of version 3.1 of their exploit development and attack
framework. The latest version features a graphical user interface, full
support for the Windows platform, and over 450 modules, including 265
remote exploits. “Metasploit 3.1 consolidates a year of research and
development, integrating ideas and code from some of the sharpest and
most innovative folks in the security research community” said H D
Moore, project manager. Moore is referring the numerous research
projects that have lent code to the framework.
include the METASM pure-ruby assembler developed by Yoann Guillot and
Julien Tinnes, the “Hacking the iPhone” effort outlined in the
Metasploit Blog, the Windows kernel-land payload staging system
developed by Matt Miller, the heapLib browser exploitation library
written by Alexander Sotirov, the Lorcon 802.11 raw transmit library
created by Joshua Wright and Mike Kershaw, Scruby, the Ruby port of
Philippe Biondi's Scapy project, developed by Sylvain Sarmejeanne, and
a contextual encoding system for Metasploit payloads. “Contextual
encoding breaks most forms of shellcode analysis by encoding a payload
with a target-specific key” said I)ruid, author of the Uninformed
Journal (volume 9) article and developer of the contextual encoding
system included with Metasploit 3.1.
Read the full announcement here. The new GUI is pretty slick. This is my most common tool when testing my security implementations. I use Cain & Abel a lot also. Anyway, I am glad to see the project is still moving forward nicely.