Certified Ethical Hacker (CEH v11) — Question 235

Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?

Answer options

• A. Maltego
• B. Wireshark
• C. Nessus
• D. Metasploit

Correct answer: D

Explanation

The correct answer is D, Metasploit, as it is specifically designed to be an exploit framework that automates attacks on various vulnerabilities. In contrast, A. Maltego is a tool for link analysis, B. Wireshark is a network protocol analyzer, and C. Nessus is a vulnerability scanner, none of which have the same exploitative capabilities as Metasploit.