A comprehensive development platform especially created to help network security specialists run penetration tests and detect vulnerabilities
Metasploit Framework is designed to provide you with a full-featured development platform dedicated to exploiting testing. Simply put, it provides developers everywhere with a free, but powerful way to test computer system, networks or web apps to detect potential vulnerabilities that could be exploited.
The framework features publicly available exploits and comes in handy to network security administrators that need to perform penetration tests and check patch installations. It has the capability to identify false positive threats and exploitable vulnerabilities, perform automatic vulnerability analysis, prioritize tasks, as well as perform real-time pen-testing.
It is worth mentioning that the platform relies on pen or penetration testing and includes many of its specific testing strategies. Therefore, you can execute tests to determine the level of security of the external visible servers and devices, including the firewall, DNS and email servers.
Alternatively, you can verify the reliability of a security system by performing a blind test where you simulate an attack via the known strategies and having severely limited information at your disposal. The latter can be useful if you want to implement rapid response procedures or incident identification, providing you let a few people from the organization know about the test and check for potential signs.