Coming October 25: PeerSpot Awards will be announced! Learn more

Rapid7 Metasploit OverviewUNIXBusinessApplication

Rapid7 Metasploit is #13 ranked solution in top Vulnerability Management tools. PeerSpot users give Rapid7 Metasploit an average rating of 7.8 out of 10. Rapid7 Metasploit is most commonly compared to Tenable Nessus: Rapid7 Metasploit vs Tenable Nessus. Rapid7 Metasploit is popular among the large enterprise segment, accounting for 56% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 23% of all views.
Buyer's Guide

Download the Vulnerability Management Buyer's Guide including reviews and more. Updated: September 2022

What is Rapid7 Metasploit?

Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.

Rapid7 Metasploit was previously known as Metasploit.

Rapid7 Metasploit Customers

City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon University

Rapid7 Metasploit Video

Rapid7 Metasploit Pricing Advice

What users are saying about Rapid7 Metasploit pricing:
  • "The great advantage with Rapid7 Metasploit, of course, is that it's free."
  • "There are two versions available, one of which is the Pro version, and the other is the free version."
  • Rapid7 Metasploit Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Project Director at a tech services company with 1,001-5,000 employees
    Real User
    Top 5
    A free and impactful penetration testing solution
    Pros and Cons
    • "All of the features are great."
    • "At the time I was using it, the graphical user interface needed some improvements."

    What is our primary use case?

    I used the community edition. It's a very handy and powerful product. For a free product, the capabilities are absolutely astonishing.

    I used Rapid7 Metasploit as a marketing solution. I was working as a security expert and whenever I would meet a client as a consultant or a freelancer, I would open my laptop and start using the software.

    Rapid7 Metasploit is a standalone solution, intended to be used by one person, but it can be used by a few people in a team — maybe 10 people or less.

    What is most valuable?

    All of the features are great. I used it as a tool for penetration testing. The exploitation capabilities and the development in general, are all great. It's open-source and very handy. 

    What needs improvement?

    At the time I was using it, the graphical user interface needed some improvements. It might be better now because there was a very big community behind it, and of course, newer versions are always improved. The free, community edition I was using, lacked some very specific exploits but, as I remember, under the commercial version, you could find your exploits.

    All the features that are available on the command line could be integrated with the graphical user interface.

    For how long have I used the solution?

    I used Rapid7 Metasploit for more than five years.

    Buyer's Guide
    Vulnerability Management
    September 2022
    Find out what your peers are saying about Rapid7, Tenable Network Security, Qualys and others in Vulnerability Management. Updated: September 2022.
    635,162 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    The earlier versions had some bugs, but the last version, Version Four, was much more stable compared to the previous versions — which we stopped using because of the bugs.

    What do I think about the scalability of the solution?

    The scalability is not that good.

    When you use the command-line interface, not very much of the process is automated. There should always be an expert present to work with the software. Under the GUI, I believe there are some features that can be automated for testing.

    The solution was not intended to be automated because penetration testing requires attention and caution because it's done on a live network with line services. Automation can damage the target network or the system on the network.

    You can automate the input of data, but the results are not satisfactory.

    The scalability should definitely be improved.

    How are customer service and support?

    As it's a free product, the community edition doesn't include any technical support. I haven't used the commercial edition so I can't comment on their support.

    In terms of development, the team of developers that supports the software is very active and quick to help. In short, the software is being maintained very actively, and I do believe the customer support should be the same.

    I would like to see some support available for the free version; however, there are a lot of open-source materials available to solve any issues, so for me personally, there wasn't any need for technical support.

    How was the initial setup?

    If you want to install it separately on a fresh new Linux, the solution is still effective. The installation is very, very straightforward.

    What other advice do I have?

    The great advantage with Rapid7 Metasploit, of course, is that it's free. You can download it and start using it for free, right away. The features are satisfactory, and you can do your job strictly with the free edition. Of course, you could do your job even better with the commercial edition. 

    There are better products available, like Core Impact, but they are much more expensive.

    On a scale from one to ten, I would give Rapid7 Metasploit a rating of eight.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Agustinus DWIJOKO - PeerSpot reviewer
    Network & Security Engineer at a comms service provider with 11-50 employees
    Real User
    Top 5
    Affordable, reliable and easy to set up
    Pros and Cons
    • "Technical support has been helpful and responsive."
    • "We'd like them to offer better coverage of malware."

    What is our primary use case?

    The last use case is for customers that want to use the features of Metasploit, for phishing detection. We give awareness about phishing on their email accounts in the organization.

    How has it helped my organization?

    The affordability of the asset for the organization has been the biggest improvement.

    What is most valuable?

    The initial setup is straightforward. 

    The product scales well.

    It's very stable and reliable. 

    Technical support has been helpful and responsive. 

    It's great for detecting phishing campaigns. 

    What needs improvement?

    It would be better if Metasploit had a wider module, to do explorations of vulnerabilities. We'd like them to offer better coverage of malware.

    For how long have I used the solution?

    I've been using the solution for three to four years. It's been a while. 

    What do I think about the stability of the solution?

    The solution is stable and reliable. There are no bugs or glitches and it doesn't crash or freeze.

    What do I think about the scalability of the solution?

    It's a product that can scale as necessary.

    How are customer service and support?

    Technical support is very good. Whenever we need assistance, they are quite helpful and responsive. We are very satisfied with them.

    How was the initial setup?

    It's a very simple setup. The process is not overly complex or difficult. I'd rate it two out of five in terms of how easy it is (with one being the easiest and five being the hardest).

    What's my experience with pricing, setup cost, and licensing?

    The licensing is per user account. We're set up with one account per user. The price of the product is quite reasonable and very affordable. 

    What other advice do I have?

    We're a Rapid7 distributer.

    I'm not sure which version of the solution we're using. It's likely the latest one. 

    Any organization or enterprise should want to check for vulnerabilities in any kind of asset that they have. Using tools like Metasploit can help companies check internally.

    I'd rate the solution eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Vulnerability Management
    September 2022
    Find out what your peers are saying about Rapid7, Tenable Network Security, Qualys and others in Vulnerability Management. Updated: September 2022.
    635,162 professionals have used our research since 2012.
    Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees
    Real User
    Top 5Leaderboard
    Open-source, simple and quick to install, with a variety of payload options
    Pros and Cons
    • "Rapid7 Metasploit is a useful product."
    • "Rapid7 Metasploit can add a GUI feature because it is only available online."

    What is our primary use case?

    We mainly use Rapid7 Metasploit for the network penetration testing activities.

    We have used the payload during our penetration testing activities.

    What is most valuable?

    It is easy to use.

    Rapid7 Metasploit is a useful product.

    It has a very long list of available payloads.

    What needs improvement?

    Rapid7 Metasploit can add a GUI feature because it is only available online.

    While it is simple to use, including a GUI would make things easier. It would be very helpful.

    For how long have I used the solution?

    I have been using Rapid7 Metasploit for more than four years.

    What do I think about the scalability of the solution?

    Our company performs penetration testing for our clients. It is not used in the client's organization by any users normally, instead, it is used by the penetration tester, who performs the penetration testing activities.

    Our company is a professional services company with 15 team members. All 15 team members are using this solution.

    How are customer service and support?

    We have not opened any tickets, as we have not experienced any issues.

    Also, the free version does not offer support, it is only included with the Pro Version.

    If you're using the free version, there's an online community where you can look for a similar problem that needs to be solved.

    How was the initial setup?

    The initial setup is straightforward. It's very easy to install Rapid7 Metasploit.

    It's only five minutes to install.

    This solution can be deployed and managed by a single person.

    What's my experience with pricing, setup cost, and licensing?

    There are two versions available, one of which is the Pro version, and the other is the free version.

    In the four years that we've been using this solution, we've only used the free version. We haven't had any reason to use the Pro Version.

    What other advice do I have?

    I would recommend this solution to others who are interested in using it.

    I would rate Rapid7 Metasploit an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    AlanGallagher - PeerSpot reviewer
    CEO at Virtual Security International
    Real User
    Many tests available, tests capable through networks, but scalability could improve
    Pros and Cons
    • "The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
    • "The solution is not very scalable, it does not provide any automation to be able to scale it."

    What is our primary use case?

    We have Rapid7 Metasploit installed on our Kali Linux system and we use it for penetration testing.

    What is most valuable?

    The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers.

    Someone has created a graphical interface for this solution called Armitage which has been very useful and easier to use. The solution typically only has a command-line interface.

    You are able to do network tests over a network, not necessarily on the web server, but on desktops and other devices.

    For how long have I used the solution?

    I have been using Rapid7 Metasploit for approximately two years.

    What do I think about the stability of the solution?

    The solution is stable.

    What do I think about the scalability of the solution?

    The solution is not very scalable, it does not provide any automation to be able to scale it.

    What other advice do I have?

    I rate Rapid7 Metasploit a seven out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Vulnerability Management Report and find out what your peers are saying about Rapid7, Tenable Network Security, Qualys, and more!
    Updated: September 2022
    Product Categories
    Vulnerability Management
    Buyer's Guide
    Download our free Vulnerability Management Report and find out what your peers are saying about Rapid7, Tenable Network Security, Qualys, and more!