The first major milestone update to the open-source Metasploit Framework since 2011 is now available, making it easier for security researchers to test cyber-security defenses against exploits.

With its attack tool update, The Metasploit Project may be aiding online vandals more than helping network administrators identify weak points, some security experts say.

Rapid7, the vulnerability management security specialist, has acquired Metasploit, the ongoing open source security project that developed the Metasploit Framework. The move is billed as allowing ...

“Rapid7’s stated commitment to provide support for the Metasploit Project community work, while keeping the framework and tools free, means this acquisition can be a win for both teams.” ...

This project resulted in the Metasploit Framework, an open source platform for writing security tools and exploits.

In addition to Metasploit, about a year ago Rapid7 announced a sponsorship of the W3AF (web application, attack and audit framework) open source project which I reported on in July 2010.

Announced yesterday, the Metasploit project is to be absorbed by security company Rapid7. HD Moore, creator of the Metasploit project announced the acquisition in his blog yesterday. In the ...

Metasploit modules that work with industrial control systems are a relatively new addition to the framework, which was developed in 2003 as a free and open source tool for testing the security of ...

The Metasploit Framework itself will continue to be free and open source. The launch of Metasploit Community coincides with the second anniversary of Rapid7’s acquisition of the Metasploit project.

Given the openness of the Metasploit project and its high value to network defenders, the copycat exploit is an unfortunate side effect of the democratic nature of the open-source framework.