Security Encyclopedia

Meterpreter

Meterpreter is a security product used for penetration testing. Part of the Metasploit Project and Framework, it provides enterprise security teams with the knowledge helpful for addressing vulnerabilities in the targeted application against which Meterpreter is deployed.

The Metasploit Project is a collaboration between the open source community and security vendor Rapid7, and its Metasploit Framework is a suite of test-case malicious code that is designed to conceal its presence and avoid fingerprinting. Enterprises and others use the project and framework resources, including the Meterpreter payload, to test their vulnerabilities in a controlled setting.

As Meterpreter’s hidden malicious activities take hold into the test subject’s resources, the information is recorded in the subject’s intrusion detection system (IDS). The fruits of this process then add to the base of knowledge and scenarios that are part of the test subject’s security information and event management (SIEM).

Example:

“We’ve injected a Meterpreter payload into our system so see what our IDPS or IDS picks up, and what it doesn’t. The readouts and this exercise help us optimize our scans for malware and other anomalous activity without learning these lessons the hard way.”