I'm new to metasploit, and want to install it on the work computer I use every day; but I'm not sure whether it is safe.
Are there any best practices when using metasploit?
While installing metasploit on your machine will not directly cause any issues you should be aware of the following:
Metasploit, like all other software, can introduce vulnerabilities as a result of the underlying components that make it work: the database listener and Ruby service are installed, as well as a web framework, depending on the version installed. If your computer is not adequately protected or new exploits are found for this software, it may be possible to compromise your machine. This is an inherent risk of installing any software.
Metasploit allows for the creation and generation of 'malicious' payloads. If configured incorrectly or run accidentally on your machine, they could introduce vulnerabilities as well.
Many antivirus solutions will detect Metasploit modules and exploits and prevent them from running by placing them in quarantine. If you have AV installed you'll need to provide exceptions for it, which, overall, reduces your effective security.
In summary, it depends on what you define as safe. If the above risks are acceptable, go ahead. The Metasploit Framework is well renowned and, as far as anyone knows, isn't backdoored in any way. Assuming you download it directly from Rapid7, I would imagine there would be no issues.
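Two of the points in the answer above (download from a known source, and be aware of the listeners the install adds) can be turned into concrete checks. The script below is an added example, not part of the answer or of the Metasploit project: `verify_sha256` compares a downloaded installer against a checksum you obtained separately from the vendor (the expected value here is a placeholder you must replace), and `snapshot_listeners` / `new_listeners` record the listening TCP sockets before and after the install so you can see exactly which new services appeared. It assumes a Linux host with `ss`, and `sha256sum` or `shasum` available.

```shell
#!/bin/sh
# Added example: pre/post-install checks around a Metasploit install.
# Not code from the original answer; assumes Linux with ss(8) and
# sha256sum(1) or shasum(1).
set -u

# sha256_of FILE: print the hex SHA-256 digest of FILE, using whichever
# hashing tool the host provides.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_sha256 FILE EXPECTED_HEX: exit 0 if FILE hashes to EXPECTED_HEX,
# 1 otherwise. EXPECTED_HEX must come from the vendor's published value,
# obtained out of band, never from the same page as the download itself.
verify_sha256() {
    actual="$(sha256_of "$1")"
    [ "$actual" = "$2" ]
}

# snapshot_listeners OUTFILE: write one "addr:port" line per listening
# TCP socket, sorted and deduplicated, so two snapshots can be compared.
snapshot_listeners() {
    ss -ltn | awk 'NR > 1 {print $4}' | sort -u > "$1"
}

# new_listeners BEFORE AFTER: print the lines present in AFTER but not in
# BEFORE, i.e. the listening sockets that appeared between snapshots.
# grep exits 1 when nothing differs, so that case is mapped to success.
new_listeners() {
    grep -vxF -f "$1" "$2" || true
}

# Typical use (commented out so the script is safe to source):
#   snapshot_listeners /tmp/listeners.before
#   verify_sha256 ./metasploit-installer.run REPLACE_WITH_VENDOR_SHA256 \
#       && ./metasploit-installer.run
#   snapshot_listeners /tmp/listeners.after
#   new_listeners /tmp/listeners.before /tmp/listeners.after
```

Anything printed by `new_listeners` is a service the install bound to a port on your workstation; the database listener mentioned in the answer is the kind of entry you should expect to see and then decide whether to leave running, bind to localhost only, or stop when Metasploit is not in use.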
I'd recommend that you don't install Metasploit on your work computer. To make Metasploit run without issues, it's recommended that you switch off your firewall and anti-virus, which may not be a good idea for your production system. My recommendation: Install Metasploit on a virtual machine (e.g. VirtualBox) in Bridged Mode (so the payloads can connect back). Ubuntu seems to work great and doesn't require a license.
Disclosure: I (used to) work for Rapid7
As long as you install it from a known source, then there should not be any risk to you or your computer.
However, your employer's network administrators may have a few questions for you if you use it and they detect the activity.