“Enabling penetration testers to share findings and notes definitely helps keep everyone in synch and productivity moving. It’s also a great time saver at the end of an assignment because you can create a single report including everyone’s findings at the push of a button.”
- Scans and exploits Web applications. Metasploit Pro enables you to scan and exploit both standard and custom Web applications, often the most publicly accessible server on the network. These can provide a pivot point into a database or further into the network.
- Runs social engineering campaigns. Metasploit Pro runs custom social engineering campaigns, including website cloning for phishing and emails with malicious attachments, to compromise end-user systems, providing additional attack vectors into the network.
- Achieves unprecedented network access. Metasploit Pro is the world’s only penetration testing solution to achieve unrestricted remote network access through a compromised host. Unlike alternative products, which provide proxy-based pivoting that is restricted to certain protocols, Metasploit Pro’s VPN pivoting evades firewall restrictions and provides encrypted access into networks at the Ethernet level, providing the same capabilities as a physical network tap. As a result, penetration testers can run any network discovery tool, such as the NeXpose vulnerability scanner, through a compromised host as if they were directly connected to the internal network.
- Enables unique team collaboration. Metasploit Pro is the world’s first penetration testing solution that supports team collaboration to coordinate concerted attacks. Team members can see and search each other’s actions, progress and notes to make team efforts more efficient. Known hosts, credentials and hashes are automatically leveraged by other team members.