You are on page 1of 2


RAPID7 METASPLOIT PRO KEY BENEFITS • Complete penetration test assignments faster by automating repetitive tasks and leveraging multilayered attacks • Assess the security of Web applications, network and endpoint systems, as well as email users • Emulate realistic network attacks based on the leading Metasploit Framework with more than 120,000 users • Test with the world’s largest public database of quality assured exploits • Tunnel any traffic through compromised targets to pivot deeper into the network • Collaborate more effectively with team members in concerted network tests • Customize the content and template of reports As enterprises and government agencies face increasing threats to complex, businessbusiness critical systems, the ability to simulate realistic attacks on their infrastructure in a fast and cost-effective manner is critical. Metasploit Pro™ is the solution for security professionals in enterprise, government and consulting firms who need to reduce costs by making network security testing more efficient. Unlike alternative products, Metasploit Pro improves the efficiency of penetration testers by providing unrestricted unrestric remote network access and enabling teams to efficiently collaborate. Only Metasploit products are based on the Metasploit Framework, the gold standard for penetration testing, and are therefore best suited to emulate realistic attacks.

Key characteristics: • • • • • • Advanced – full multi-layered penetration testing capabilities pivot through Web, network, and endpoint targets, aided by stealth and social engineering features Efficient – intuitive GUI accelerates standard tasks, completing assignments faster Safe – quality assurance and reliability ratings for all exploits ensures they are safe to use and don’t install any software on the target systems Integrated – Launch nmap and the NeXpose® vulnerability scanner (optional) from within Metasploit Pro to exploit the most vulnerable systems first for faster results Supported – backed by Rapid7’s customer support staff with dedicated SLAs for both Metasploit Pro and supported components in the Metasploit Framework Great value – leveraging its community of more than 120,000 security professionals and researchers, Rapid7 is able to offer this solution at a great value

RAPID7 Corporate Headquarters

545 Boylston Street Boston, MA 02116


audit these services for vulnerabilities. Metasploit Pro was created with the specific needs of a penetration tester in mind. pivot to other machines. Metasploit Pro delivers the following core capabilities: • Latest exploits and payloads – Leverages the world’s largest. Strong enterprise-class support offering – Benefits from guaranteed enterpriselevel support with SLAs from Rapid7 customer care professionals. and Manual Exploitation methods. fully quality assured and integrated public database of exploits and payloads to conduct your tests. delivering actionable intelligence about an organization’s entire IT environment. Full graphical user interface – Simplifies usability and greatly enhances efficiency of penetration testers and security experts in a step-by-step model. Exploitation. NeXpose scans can also be initiated directly from within Metasploit Pro. • Discover Devices: Identify hosts. scan for open ports and fingerprint the operating systems and services. Nmap and other solutions.Automated Penetration Testing Workflow KEY PROCESS STEPS • Project Creation: Initiate discrete internal and/or external components of a penetration test.1717 www. Social engineering – Uses phishing and endpoint security testing to create exploit campaigns. and quickly exploit them to validate the results. for example to route vulnerability scans through a compromised machine. track click-throughs. Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security. • Collect Evidence: Gather artifacts for proof of access and obtain authentication credentials across multiple systems at once • Extend Access: Recycle and replay capture authentication credentials to extend access to a greater number of targets • Cleanup and Reporting: Gracefully complete an engagement and leverage iReport and Jasper templates for customized reporting Leveraging the open source Metasploit Framework used by more than 120. • • • • • DS 10/10 RAPID7 Corporate Headquarters 545 Boylston Street Boston. • • • ABOUT RAPID7 Rapid7 is the leading provider of vulnerability management and penetration testing solutions. Extensive attack targets – Compromises standard and custom Web applications. saving significant time and effort. endpoint systems. The Metasploit Pro Workflow Manager automates all penetration testing steps that security professionals would otherwise conduct manually. and email users. • Take Control: Create a command shell or Meterpreter session to control the device in the target environment. database . MA 02116 617. Web applications – Identify web services across the entire enterprise. Social Engineering.247. Import scan data from NeXpose. network devices. Other commercial products were designed more as exploit execution platforms and less as penetration testing solutions. • Gain Access: Gain access using Bruteforce. Web application security and database security strategies. VPN pivoting – Tunnels any traffic through the target.rapid7. Robust reports – Includes online and offline reports with detailed vulnerabilities descriptions and remediation information and customized design templates. and capture passwords.000 security professionals. Team support – Enables teams to coordinate concerted attacks. Web Applications.