Auditing with Metasploit
Omar Israel Sánchez Monroy | TrustRadius Reviewer
November 19, 2019

Auditing with Metasploit

Score 9 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Metasploit

Well we use Metasploit in two areas of the company. Intern audit and security of systems to test network security, the applications and some other technologies of IT and OT. By knowing the most common exploits and hacking techniques we improve the controls in order to mitigate the risks and better understand the anatomy of an attack.
  • Easy to use.
  • Many exploits available.
  • Multi-platform.
  • Some exploits need a bit of intervention to work.
  • If you prevent an attack you will save a lot of money.
  • There is a free version that has a lot of useful exploits.
  • You can run it in an open source OS.
You can configure and develop your own versions of exploits that are suitable for your business. The free version is very useful and the Rapid7 website has a lot of info to help you understand the exploits. Nessus just lets you identify the vulnerabilities but Metasploit lets you attack with vectors.
We don't use it.

Do you think Metasploit delivers good value for the price?

Yes

Are you happy with Metasploit's feature set?

Yes

Did Metasploit live up to sales and marketing promises?

No

Did implementation of Metasploit go as expected?

Yes

Would you buy Metasploit again?

Yes

In security of information it's vital to think like a hacker and it's important to know the tools they use for attacks. So this software gives you the exploits that are already in the wild and to the access of everyone. That's very dangerous so you have to be aware of it.

Evaluating Metasploit and Competitors

  • Price
  • Product Usability
It's installed by default in the security operative systems.
Yes, always we will choose Metasploit for our daily probes.