docs/metasploit-framework.wiki/2017-Roadmap-Review.md

# Metasploit's 2017 Roadmap Review

In 2017, we published our first open roadmap for Metasploit development. How did we do? For achievements:

 * The Metasploit data model backend: we did a lot of design work on this, and got a couple of initial Proof-of-Concept project built. You can see a video of it here: <https://www.youtube.com/watch?v=hvuy6A-ie1g>. In the mean time, we started merging parts of the main development branch

 * The first pass of external session handling landed with the metasploit-proxy project. 

 * Independent modules that run in isolation _did_ land, along with a hand full of new modules demonstrating the advantages of the design, including multi-language support.

 * The ruby_smb project made a lot of progress, with support incorporated into several existing modules. Full client-side support is also available for testing now.

 * Native iOS and macOS support landed, along with many new IoT and router exploits.

 * Meterpreter shrank almost 4x thanks to the new cryptTLV packet obfuscation support, and the removal of OpenSSL.

Things we didn't quite finish:

 * Metasploit's RESTful interface was not complete in 2017, so we will continue it into 2018.

 * Session handling as a separate process was implemented with the <https://github.com/rapid7/metasploit-aggregator> project, but more work needs to be done to improve scalability and usability.

 * Asynchronous session support remains on the drawing board.

 * SOCKS5 support did not land, but Metasploit did gain a lot more support for running modules externally as separate processes, and gained initial support for running modules in Python.

 * Modernized payload generation with new tools continues to be researched.
Updated 2018 Roadmap (markdown) 2018-12-11 11:13:22 -06:00			`# Metasploit's 2017 Roadmap Review`
document hits 2018-02-01 21:03:54 -06:00
			`In 2017, we published our first open roadmap for Metasploit development. How did we do? For achievements:`

Use kramdown flavored markdown instead of github flavored markdown 2021-09-06 19:22:01 +01:00			`* The Metasploit data model backend: we did a lot of design work on this, and got a couple of initial Proof-of-Concept project built. You can see a video of it here: <https://www.youtube.com/watch?v=hvuy6A-ie1g>. In the mean time, we started merging parts of the main development branch`
document hits 2018-02-01 21:03:54 -06:00
			`* The first pass of external session handling landed with the metasploit-proxy project.`

			`* Independent modules that run in isolation _did_ land, along with a hand full of new modules demonstrating the advantages of the design, including multi-language support.`

			`* The ruby_smb project made a lot of progress, with support incorporated into several existing modules. Full client-side support is also available for testing now.`

			`* Native iOS and macOS support landed, along with many new IoT and router exploits.`

Updated 2017 Roadmap Review (markdown) 2018-12-11 11:18:14 -06:00			`* Meterpreter shrank almost 4x thanks to the new cryptTLV packet obfuscation support, and the removal of OpenSSL.`

			`Things we didn't quite finish:`

			`* Metasploit's RESTful interface was not complete in 2017, so we will continue it into 2018.`

Use kramdown flavored markdown instead of github flavored markdown 2021-09-06 19:22:01 +01:00			`* Session handling as a separate process was implemented with the <https://github.com/rapid7/metasploit-aggregator> project, but more work needs to be done to improve scalability and usability.`
Updated 2017 Roadmap Review (markdown) 2018-12-11 11:18:14 -06:00
			`* Asynchronous session support remains on the drawing board.`

			`* SOCKS5 support did not land, but Metasploit did gain a lot more support for running modules externally as separate processes, and gained initial support for running modules in Python.`

Use kramdown flavored markdown instead of github flavored markdown 2021-09-06 19:22:01 +01:00			`* Modernized payload generation with new tools continues to be researched.`