Rapid7 Metasploit Other Advice
Aqeel Junaid
Junior Executive - Information Security at sunshine holdings
The solution's exploit development functionality was easy to use and had all the scenarios I could use to run my security assessment. Since the solution has been updated regarding new malware, it gives data protection for security professionals. Rapid7 Metasploit is a good exploit tool, and users need to know what they're doing while using the solution.
The solution provides perfect effectiveness in simulating real-world attacks for training purposes.
Overall, I rate the solution a nine out of ten.
AdeelAgha
Team Lead - Cyber Security & Compliance at Al Tuwairqi Group
I give the solution an eight out of ten.
We should consider retiring Rapid7 Metasploit in case we find a better solution for exploitation. For example, if I compare Tenable.io Vulnerability Management and Rapid7 Metasploit, I prefer Tenable.io Vulnerability Management for vulnerability assessment. However, when it comes to penetration and exploitation, I have to go with Rapid7 Metasploit as Tenable.io Vulnerability Management does not have any tool or system to automatically inject vulnerabilities and exploit them for automated penetration testing. Therefore, if I find a similar system in the future, we should retire Rapid7 Metasploit and switch to the new architecture.
Whether we are a novice or experienced IT support persons, it will be difficult to use the system, as it is difficult to use any vulnerability assessment system. In order to use these systems, we must understand what a vulnerability is and what our purpose is for using it. Rapid7 Metasploit is difficult to use, as it is not very user-friendly.
View full review »
Md. Shahriar Hussain
Cybersecurity and Compliance Lead Engineer at Banglalink
Penetration testing can potentially expose weaknesses in your Endpoint Detection and Response system. The effectiveness depends on how your EDR system is configured. If the policy is strong and well-configured, tools like Rapid7 Metasploit may not be successful. However, if the policy is poorly configured or not implemented, vulnerabilities could be exploited, and attacks, including those using Rapid7 Metasploit, may occur.
Using the manual Rapid7 Metasploit software framework in Kali Linux requires command-line inputs. In contrast, the professional edition simplifies the process by allowing users to select IPs and upload Nessus results in dot Nessus format. This eliminates the need to write complex commands.
In countries facing economic challenges, there is limited funding for security teams and professionals due to the country's economic conditions.
The tool has delayed my certification. I don't recommend it since we get many better solutions in the market. I rate it a five out of ten.
View full review »Buyer's Guide
Rapid7 Metasploit
April 2024
Learn what your peers think about Rapid7 Metasploit. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,578 professionals have used our research since 2012.
Andrei Bigdan
Executive Manager at B2B-Solutions LLC
Overall, I would rate it nine out of ten.
View full review »
Alen Bohcelyan
Cyber Security Director at Coca-Cola Icecek AS
I rate Rapid7 Metasploit eight out of 10. I would recommend it. I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing, but end-to-end testing can be hard to manage if you don't have deep expertise. From the perspective of comprehensively addressing vulnerabilities, it may be hard for the average user in the community.
Agustinus DWIJOKO
Network & Security Engineer at PT. Centrin Online Prima
We're a Rapid7 distributer.
I'm not sure which version of the solution we're using. It's likely the latest one.
Any organization or enterprise should want to check for vulnerabilities in any kind of asset that they have. Using tools like Metasploit can help companies check internally.
I'd rate the solution eight out of ten.
View full review »Agustinus DWIJOKO
Network & Security Engineer at PT. Centrin Online Prima
I would recommend Rapid7. I rate the overall solution a nine out of ten.
View full review »
Rostum Tampor
Solutions Engineer at Gefura Inc.
I would definitely recommend the solution to those planning to use it on a long-term basis. For new users planning to use it for testing, I recommend they do a PoC before starting.
Overall, I rate the solution a nine out of ten.
SE
reviewer2295975
Senior cybersecurity engineer at a aerospace/defense firm with 5,001-10,000 employees
It's definitely one of the best penetration testing tools available. Overall, I would rate the solution an eight out of ten.
View full review »AG
AlanGallagher
CEO at Virtual Security International
I rate Rapid7 Metasploit a seven out of ten.
View full review »AS
reviewer1088721
Principal security consultant at a computer software company with 201-500 employees
For our needs, which is usually a dedicated environment for our customers, I cannot envision any significant improvements that need to be made.
My advice for anybody who is considering this solution is that it works well as a component in a vulnerability testing platform. We use a combination of tools with a certain level of automation and integration, which gives us the flexibility that we need to accommodate customers with differing needs. There is no one tool in the market that covers everything and ultimately, Metasploit helps to produce the reports that we need.
The biggest lesson that I have learned from using this product is that if proper security checks are not done during the development process then very likely, you will face major vulnerabilities or risks in the production environment.
Overall, it is a very good product for penetration testing.
I would rate this solution an eight out of ten.
View full review »MM
reviewer1432815
Project Director at a tech services company with 1,001-5,000 employees
The great advantage with Rapid7 Metasploit, of course, is that it's free. You can download it and start using it for free, right away. The features are satisfactory, and you can do your job strictly with the free edition. Of course, you could do your job even better with the commercial edition.
There are better products available, like Core Impact, but they are much more expensive.
On a scale from one to ten, I would give Rapid7 Metasploit a rating of eight.
View full review »EG
reviewer1369920
Senior Information Technology Security Officer at a financial services firm with 501-1,000 employees
I used the product previously. Now, I am more of a consultant.
I'm not sure what version of the solution I'm currently using is.
This product is fantastic. I prefer using it. I'd rate it seven out of ten. If it wasn't for the unpredictable support, I would rate it a bit higher. If it added just a few more advancements, it would be even better still.
View full review »VC
reviewer2378706
Senior Cyber Security Analyst at a tech services company with 501-1,000 employees
I would recommend the solution to other users.
Overall, I rate the solution an eight out of ten.
ME
reviewer1674711
Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees
I would recommend this solution to others who are interested in using it.
I would rate Rapid7 Metasploit an eight out of ten.
View full review »
it_user172239
Senior Manager of System Security at a tech services company with 1,001-5,000 employees
It's not possible to do penetration testing without being very proficient in Metasploit. It's impossible.
View full review »it_user1065
Senior Manager of Data Center at a integrator with 51-200 employees
Metasploit is the most favored toolkit for network security professionals and penetration testers. It is one of the best tools for zero day exploits and payloads for operating systems such as, Microsoft Windows, Linux, and Sun Solaris. Metasploit, which has been written in Ruby, provides the ability to seamlessly create and simulate attacks on networks and provide protection. It deals with the largest database of exploits, till date available, in a single tool for both active and passive attacks on networks and applications.
View full review »
Buyer's Guide
Rapid7 Metasploit
April 2024
Learn what your peers think about Rapid7 Metasploit. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,578 professionals have used our research since 2012.
Buyer's Guide
Download our free Rapid7 Metasploit Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2024
Product Categories
Vulnerability ManagementPopular Comparisons
Darktrace
Qualys VMDR
Tenable Nessus
Tenable Security Center
Tenable Vulnerability Management
Rapid7 InsightVM
Vectra AI
Fortinet FortiWeb
Cato SASE Cloud Platform
Orca Security
Acunetix
Pentera
Akamai Guardicore Segmentation
Illumio
Buyer's Guide
Download our free Rapid7 Metasploit Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More:
- Primary Use Case
- Valuable Features
- Room for Improvement
- Customer Service and Support
- Initial Setup
- ROI
- Pricing
- Other Advice
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- What are your recommended automated penetration testing tools?
- Can you recommend API for Tenable Connector into ServiceNow
- What penetration testing tool (or tools) do you recommend for SMB/SME?
- Which tool would you recommend for vulnerability management in your infrastructure?
