As we learned earlier in this chapter, Metasploit's claim to fame is as an attack platform. Every day, Metasploit modules are being written and submitted to the Metasploit project; each of which can either perform a scan or, more often, actually attack a given vulnerability.

Metasploit's ability to act as an attack was revolutionary when it first debuted: rather than searching for proofs of concepts—or writing their own, after a vulnerability was announced—security professionals were immediately able to use a reliable platform with vetted modules to launch their attacks. Metasploit is written in Ruby, so it's portable to almost any platform—and since all the modules run on the framework, there is no reason to ...