Metasploit 4.6 – Now with less Open Source GUI

April 11, 2013

Last week, I received an email from Tod B. at Rapid7 stating that the next binary installer of Metasploit would ship without Armitage and msfgui. Metasploit 4.6 drops both programs. According to Tod, the Metasploit Framework repository on Github will also drop both projects in the near future.

The reason given is that Rapid7 does not want to confuse users about which products they do and do not support.

When I released Armitage in November 2010, I had one simple goal–release something that would get into BackTrack Linux. I didn’t expect that it would make it into the Metasploit Framework. I even had a license scheme that prohibited it (GPLv2). HD Moore approached me and asked me to change my license to BSD. If I agreed to change my license, HD would ship Armitage with the Metasploit Framework. I never expected this and I always saw this distribution as a privilege, not a right.

Thank you HD and Rapid7 for making Armitage part of the Metasploit Framework for the past two years.

For the thousands of Armitage hackers out there, I’d like to clarify how this affects you. The short answer… this isn’t a big deal.

  • I maintain Armitage and will continue to do so. I average one release every six weeks or so. In fact, I pushed a release yesterday.
  • I do not have an automated update process for Armitage. You’ll have to download it from its homepage. You can signup to get an email notification when a new Armitage update is available.
  • Armitage still works out of the box with a properly installed Metasploit environment. If you have Metasploit Community Edition setup, you can download Armitage, extract it, and run it. It will work like it always has.
  • You can use Armitage with Kali Linux as well.
  • If you’d like to support my work, Cobalt Strike is the way to do it. Check that it supports your needs first (I’m a value in exchange for value kind of hacker). If Cobalt Strike isn’t for you, but you still love Armitage, a simple thank you is good too.

The Armitage homepage is still http://www.fastandeasyhacking.com/


  1. Thank you Mudge. Love your stuff

    – T

  2. Interesting trend in front end GUI’s being dropped. Besides armitage and msfgui being dropped from metasploit I noticed that gerix, the GUI for the aircrack-ng suite is not included in the default kali distro.

    Keep up the good work and great attitude.

    • I wouldn’t say these events are related. Kali is a new distro and the team there has been extremely responsive to requests to add tools that users suggest.

  3. When are you going to let the UK people have a play with Cobalt Strike ?

  4. Interesting, msfconsole it is then, eh? — That’s kind of weak of Rapid7 to do.

    • Armitage and msfgui are still options. The main difference now is that you’ll have to install Armitage separately to continue to use it. Not too big of a deal.

  5. Please kindly keep the project alive thank you for such a wonderful GUI its helps a lot of people out there.

    • It’s definitely still alive. I’m planning to push an update in a week or so.

  6. Though I haven’t used (but I’m going to do it soon) Armitage, it looks like an interesting project. Kinda makes exploitation appear the way it is being portrayed on films. Nevertheless, the website appears outdated and Web 1.0 styled; I think a redesign is necessary.

    • Thanks, but I love the website and I’m not likely to change the design.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s