Overall Satisfaction with Metasploit
I have used Metasploit in my current and past positions to validate vulnerabilities found in other scanners and to run additional scans and tests not found by a vulnerability scanner. Metasploit is also very good for server hardening by allowing full testing before deployment.
- Vulnerability exploiting
- Tool integration such as with Nmap
- Very intuitive interface and searching
- More robust menus
- Better plugin inter-operation
- We have been able to weed out false positives with a more manual vetting of scanned vulnerabilities.
- Our teams have become more well versed in penetration testing with Metasploit to understand the vulnerabilities potentially present.
- Nmap and Burp Suite
Metasploit is an all around good suite of tools to test and validate potential vulnerabilites. Other tools have bits and pecies such as Nmap, Nessus, Burp Suite, etc. but Metasploit can function in the same way but more.