Metasploit isn’t just a tool, it’s a complete framework that provides the infrastructure needed to automate mundane, routine, and complex tasks. This enables you to focus on the unique or specialized aspects of penetration testing and on discovering vulnerabilities within your information security program.
Metasploit was first developed and invented by HD Moore (network security expert) while he was hired by a security firm. When HD realized that he was wasting most of his time validating and sanitizing public exploit code, he started to build a flexible and maintainable framework for the creation and development of exploits. He published his first edition of the Perl-based Metasploit in October 2003 with a total of 11 exploits.
The framework offers penetration testing software and provides tools for automating the identification of a program’s vulnerability and its fixed (patched) version. It also provides anti-forensic and advanced evasion tools. Metasploit allows you to easily build attack vectors to augment its exploits, payloads, encoders, and more in order to create and execute more advanced attacks.
The project was obtained by Rapid7 (a leader in the vulnerability scanning field), which enabled HD Moore to create a team to concentrate only on the development of the Metasploit Framework. Since the acquisition, updates have happened more rapidly than anyone could have imagined.