1) Availability of both graphical and command line interfaces.
2) HTML based report collection
3) Integration with PostgreSQL
4) Integration of NMAP for network scanning, brute force techniques
5) Around 800 active modules with exploits for linux, bsd , microsoft and MacOS
6) Collaboration with team feature also available
7) Open Source
8)Integration with Backtrack OS
Room for Improvement:
Few cons of metasploit are
1) Exploit updates are slow after security patches to a certain OS
2) High resource utilization when run under Window7 and Windows Server 2008 R2
3) Fewer browser exploits
4) Payloads not extremely effective against updated anti viruses.
Metasploit is the most favored toolkit for network security professionals and penetration testers. It is one of the best tools for zero day exploits and payloads for operating systems such as, Microsoft Windows, Linux, and Sun Solaris. Metasploit, which has been written in Ruby, provides the ability to seamlessly create and simulate attacks on networks and provide protection. It deals with the largest database of exploits, till date available, in a single tool for both active and passive attacks on networks and applications.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jul 01 2012