Hacking

Popular hacking toolkit Metasploit adds hardware testing capabilities

The Metasploit hacking toolkit now includes a new hardware bridge that makes it easier for users to analyze hardware devices.

The popular offensive hacking toolkit Metasploit now is powerful, it included a hardware bridge to conduct security tests on hardware. It is a great support to the users that have to test hardware, including IoT devices.

Metasploit already includes more than 1,600 exploits and 3,300 modules, with a huge hacking community that works on news modules and scripts.

MetasploitMetasploit

Up until now, the Metasploit allowed the creation of custom scripts for hardware testing, now the update to the Hardware Bridge API will allow users to test a variety of hardware including vehicles’ CAN buses.

The new Hardware Bridge API gives a precious instrument to customers focused on the development of hardware exploits.

The first update to the Hardware Bridge API focuses is specifically designed for the testing of automotive systems, Rapid7 that manages the tool will soon add other modules to extend the capabilities of its product.

Metasploit aim to be an institutional tool for a wide range of hardware platforms, including SCADA and industrial control systems (ICS), IoT systems, and software defined radio (SDR). The company believes the new capability makes Metasploit an ideal tool for conducting hardware-based network research.

“Metasploit condensed a slew of independent software exploits and tools into one framework and now we want to do the same for hardware,”

“Every wave of connected devices – regardless of whether you’re talking about cars or refrigerators – blurs the line between hardware and software. As we like to say, this hardware bridge lets you exit the Matrix and directly affect real, physical things,” explained Craig Smith, director of transportation research at Rapid7. “We’re working to give security professionals the resources they need to test and ensure the safety of their products — no matter what side of the virtual divide they’re on.”

“Much in the same way that the Metasploit framework helped unify tools and exploits for networks and software, the Hardware Bridge looks to do the same for all types of hardware.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – hardware testing, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

U.S. CISA adds Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows flaws to its Known Exploited…

2 hours ago

Ivanti fixed two EPMM flaws exploited in limited attacks

Ivanti addressed two Endpoint Manager Mobile (EPMM) software vulnerabilities that have been exploited in limited…

4 hours ago

Microsoft Patch Tuesday security updates for May 2025 fixed 5 actively exploited zero-days

Microsoft Patch Tuesday security updates for May 2025 addressed 75 security flaws across multiple products, including…

13 hours ago

Fortinet fixed actively exploited FortiVoice zero-day<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

Fortinet fixed a critical remote code execution zero-day vulnerability actively exploited in attacks targeting FortiVoice…

15 hours ago

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Interlock Ransomware 's attack on a defense contractor exposed global defense supply chain details, risking…

1 day ago

Marks and Spencer confirms data breach after April cyber attack

Marks and Spencer (M&S) confirms that threat actors stole customer data in the ransomware attack…

1 day ago