It's been a while since I've written a blog post about new stuff in Metasploit (and I'm not sure if the editors will let me top the innuendo of the last one). But I'm privileged to announce that I'm speaking about Metasploit twice next month: once at the FSec 17 Conference in Varaždīn, Croatia September 7-8, and a second time at UNITED 2017, Rapid7's annual security conference in Boston September 11-14. The talk should be a wild ride through some of the interesting new features that Metasploit has gained over the past year, as well as amazing stuff we have underway for the next major version of Metasploit.
With a project so large and varied, it can be challenging keeping it fresh and relevant. Amazing new open-source security projects pop up almost as fast as CVE allocations. Metasploit is definitely seeing a generational shift, with new developers coming in and older ones moving to new projects. As a result, we have done a lot of work this year moving Metasploit Framework to the next level, while preserving the things people love about it the most. Our 2017 Roadmap was just the beginning—we have a lot of interesting work on the horizon that will change how you think about Metasploit.
I'm also helping with the Metasploitable3 CTF at the UNITED conference and helping run some Metasploit training. So if you have any questions about Metasploit, past, present, or future, this is your chance to get expert advice, either from me or from the five other Metasploit developers who will also be attending. It should be fun and educational, if not a little exhausting! Hope to see you there!