From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Exploitation frameworks

Exploitation frameworks

From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response

Start my 1-month free trial

Exploitation frameworks

- Security professionals need to be able to use the same tools available to attackers seeking to exploit security controls and exploitation framework offers an efficient way to do that. And Metasploit is the most common exploitation framework. It's basically a hacker Swiss army knife providing an extensible way to test vulnerabilities using modular plugins. Unfortunately, Metasploit, like many security tools, can be used for good or for evil. The same flexibility that makes Metasploit an excellent security testing tool also makes it a powerful weapon for attackers. Metasploit began its life as an open source project, but it was later purchased by the security firm Rapid Seven. Because of this heritage there are now two versions of Metasploit available. The Metasploit framework edition remains free, while the Metasploit Pro edition is a commercial product with some extra features. The Metasploit website contains a…

Contents