What is our primary use case?
We use it for penetration testing of our internal systems.
What is most valuable?
- The option to generate phishing emails has proven to be very valuable in understanding the behavior of users.
- It contains almost all the available exploits and payloads.
- The in-built Wireshark is valuable in performing packet analysis.
- It has different installation files for different OSs.
What needs improvement?
- The GUI version is not as effective as a command prompt. For general users, the PT using GUI could be improved. At the same, the track of a phishing emails were not accurate sometimes. Rapid7 could work on this further.
- Metasploit cannot be installed on a machine with an antivirus. This could be improved.
- There were times when it hung, then I had to restart the DB service. This leaves an area of improvement for them.
- It is necessary to add some training materials and a tutorial for beginners.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
It is a very robust and stable product.
What do I think about the scalability of the solution?
Its scalability can be improved.
How is customer service and technical support?
The tech support was not as robust as our prior experience with Cisco. With Cisco, we had immediate response.
How was the initial setup?
The initial setup was easy and straightforward.
There is also a manual setup available for installation, both for Windows and Linux. We just had to uninstall the antivirus and disable the firewall. This is not recommended.
What's my experience with pricing, setup cost, and licensing?
It is expensive. Our license expired, and our company is not thinking to renew because of our budget.