metasploit-framework
https://github.com/rapid7/metasploit-framework
Ruby
Metasploit Framework
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
43 Subscribers
Add a CodeTriage badge to metasploit-framework
Help out
- Issues
- Add FreeScout ZWSP .htaccess unauthenticated RCE module (CVE-2026-28289)
- `payload/windows/x64/encrypted_shell/reverse_tcp` fails with an access violation
- Add module for CVE-2000-0979 Windows 9x/Me SMB share password enumeration
- Update metasploit data models
- `auxiliary/gather/ldap_passwords` module breaks when querying for `msLAPS-Password` attribute with LDAP
- pyquokka FlightServer gRPC pickle deserialization RCE (CVE-2025-62515)
- Langflow /api/v1/validate/code exec() code injection RCE (CVE-2026-0768)
- smolagents RemotePythonExecutor rogue Jupyter server pickle RCE (CVE-2025-14931)
- Upsonic unauthenticated cloudpickle deserialization RCE (CVE-2026-0773)
- Add Apache Dubbo Telnet JNDI Injection RCE module (CVE-2021-32824)
- Docs
- Plugin::BeSECURE::BeSECURECommandDispatcher#name
- MetasploitModule#upload_udf
- MetasploitModule#list_udf
- MetasploitModule#remove_udf
- MetasploitModule#build
- MetasploitModule#features
- MetasploitModule#send_request_cmd_inject
- Msf::WebServices::SessionEventServlet.report_session_event
- Msf::WebServices::SessionEventServlet.get_session_event
- Msf::WebServices::SessionEventServlet.registered