Home > About > Open Source

Open Source Commitment

From the beginning, the Metasploit Framework has been a collaborative effort fostered by the open source community. And it will always be a part of the community – free to download, use, and share for anyone, anytime. We promise. Check our New BSD License.

At Rapid7, we completely understand the spirit of open source development. While we manage and fund the Metasploit Project, the development and growth of it still heavily relies on your knowledge, talents, and contributions. Our fierce commitment to this ideology shows why the Metasploit Project and its contributions to security research and development will continue to grow and flourish under our management.

Nothing has changed. The goal is still the same: to provide a clear understanding of the critical vulnerabilities in any environment and to manage those risks. Our relationship with the Metasploit Project has allowed us to dedicate full-time resources to expanding the Metasploit Framework. The Metasploit Framework is the gold standard for penetration testing and we want to keep it that way.

Building on the free Metasploit Framework, we have developed two commercial editions: Metasploit Pro and Metasploit Express. Both solutions provide a more efficient, streamlined, and advanced solution for seasoned penetration testers or IT security generalists respectively.

So how do we give back to the community, do you ask?

Before we acquired the Metasploit Project, it was supported by an incredibly active and enthusiastic community of 25,000 of the most technically sophisticated and highly respected security experts in the world. At the same time, it had no permanent development staff or commercial offering. The founder, HD Moore, a well-known expert in the security world, had built it all in his spare time. We brought HD and Metasploit on board, funded a full-time development team, and built two commercial offerings on top of the open source code offering. At the same time the open source offering has accelerated enormously, with 6 releases in the first 12 months after our acquisition compared to one release in the 18 months prior. The community now stands at 125,000 active users, and our revenue from the commercial offerings is helping us keep the Metasploit Framework free for the community.

Today, our collaboration with the Metasploit Project has spurred over one million new unique downloads and updates of the Metasploit Framework and has made it the de facto standard for penetration testers. Since the Metasploit acquisition, we have invested in the w3af and John the Ripper open source projects, and an are continuing to look for open source partners with our Magnificent7 program.