Rapid7 has released V3.6 of its penetration testing suite Metasploit. The tools comes in three flavors: Pro, Express and open source. The most significant improvements have been made to the Pro version but Metasploit Express and the open source version have also had several improvements.
Metasploit Pro now generates reports for PCI DSS compliance with pass/fail information for applicable PCI DSS requirements. Also new to the Pro version is a feature that allows users to freely assign tags to assets based on multiple criteria such as compliance, operation workflow and team collaboration on different operational units.
Post-Exploitation modules is a new feature found in all editions. It includes more than a dozen modules that can be run on exploited systems to perform actions such as gathering additional information, pivoting to other networks and elevating system privileges.
This release also adds 15 new exploits making a total of 64 new modules since version 3.5.1 and brings the grand total to 648 exploit modules, 342 auxiliary modules, and 23 post modules.
Metasploit Framework 3.6.0, the open source edition of Metasploit, can be downloaded from here.