Petition to add Metasploit Project as Ruby success story

I noticed the Ruby success stories on the Ruby website. I would like to make a petition to list the open source Metasploit Project as a success story for the Ruby website. The Metasploit Project has seen more than a million unique downloads in the past 12 months and has over 700,000 lines of code, compared to 100,000 lines of the highly successful Ruby projects Puppet and Ruby on Rails.

See the stats:
http://1.bp.blogspot.com/_vzXANAx8YJk/TQj8VhVIlMI/AAAAAAAAACM/FUVbq_X0A4M/s1600/msf-vs-rails.png

Can someone please recommend whom to contact for updates to the Ruby website? I'm referring to page
http://www.ruby-lang.org/en/documentation/success-stories/

I propose listing this project in the new section "Security" as follows:

The Metasploit Framework, developed by Rapid7, is an open-source penetration testing software that helps IT professionals assess the security of their networks and applications. It is the world's largest Ruby project with over 700,000 lines of code and over a million unique downloads and updates in the past year. The commercial editions Metasploit Express and Metasploit Pro from Rapid7 are also based on Ruby.

Any input/comments appreciated! You can contact me privately at Christian underscore Kirsch at-sign Rapid7 dot com.

Many thanks,

Christian Kirsch
Rapid7

Can someone please recommend whom to contact for updates to the Ruby website? I'm referring to page
http://www.ruby-lang.org/en/documentation/success-stories/

The VIT Core mailing list usually handles these discussions. The webmaster email link at the bottom of each page sends messages there.

I propose listing this project in the new section "Security" as follows:

The Metasploit Framework, developed by Rapid7, is an open-source penetration testing software that helps IT professionals assess the security of their networks and applications. It is the world's largest Ruby project with over 700,000 lines of code and over a million unique downloads and updates in the past year. The commercial editions Metasploit Express and Metasploit Pro from Rapid7 are also based on Ruby.

I don't see any reason we couldn't list it.

My one comment though is that I don't like calling it "the world's largest Ruby project." There are multiple ways to measure that, of course. I realize that you name two: lines of code (which I'm not convinced is an advantage) and downloads. I'm doubting your claim on the downloads entirely, since rubygems.org lists over 2 million downloads for Rails:

  http://rubygems.org/gems/rails

If we can dump the my-framework-can-whip-your-framework aspects, and just talk about why Metasploit is cool, I'm fine with putting it up.

James Edward Gray II

···

On Jan 5, 2011, at 8:52 AM, Christian Kirsch wrote:

I started a company, the main selling
http://www.bolts-jdf.com/,
http://www.noblerbaby.com/,
http://www.dino-power.com/,
welcome to my site to
buy!

···

--
Posted via http://www.ruby-forum.com/.

Hi James,

Thanks for the response. I had tried contacting the webmaster several times but didn't hear back. Would you be able to help me with this or can you put me in contact with someone? Would you prefer me to take this conversation off-line or continue on the other mailing list?

Apologies for the confusion with "largest project". In my head, I wasn't making the claim that the project is the largest on the basis of downloads (I didn't know the stats for RoR), but I can see that I phrased it poorly. What do you think of this alternative wording:

The Metasploit Framework, developed by Rapid7, is an open-source penetration testing software that helps IT professionals assess the security of their networks and applications. The Metasploit Project consists of over 700,000 lines of code and has been downloaded over a million times in the past year. The commercial editions Metasploit Express and Metasploit Pro from Rapid7 are also based on Ruby.

Thanks!

Chris

···

-----Original Message-----
From: James Edward Gray II [mailto:james@graysoftinc.com]
Sent: Wednesday, January 05, 2011 12:40 PM
To: ruby-talk ML
Subject: Re: Petition to add Metasploit Project as Ruby success story

On Jan 5, 2011, at 8:52 AM, Christian Kirsch wrote:

Can someone please recommend whom to contact for updates to the Ruby website? I'm referring to page
http://www.ruby-lang.org/en/documentation/success-stories/

The VIT Core mailing list usually handles these discussions. The webmaster email link at the bottom of each page sends messages there.

I propose listing this project in the new section "Security" as follows:

The Metasploit Framework, developed by Rapid7, is an open-source penetration testing software that helps IT professionals assess the security of their networks and applications. It is the world's largest Ruby project with over 700,000 lines of code and over a million unique downloads and updates in the past year. The commercial editions Metasploit Express and Metasploit Pro from Rapid7 are also based on Ruby.

I don't see any reason we couldn't list it.

My one comment though is that I don't like calling it "the world's largest Ruby project." There are multiple ways to measure that, of course. I realize that you name two: lines of code (which I'm not convinced is an advantage) and downloads. I'm doubting your claim on the downloads entirely, since rubygems.org lists over 2 million downloads for Rails:

  http://rubygems.org/gems/rails

If we can dump the my-framework-can-whip-your-framework aspects, and just talk about why Metasploit is cool, I'm fine with putting it up.

James Edward Gray II

Hi James,

Thanks for the response. I had tried contacting the webmaster several times but didn't hear back.

I apologize. Myself, and others, should have received those messages. I'm not sure why we didn't.

Would you be able to help me with this or can you put me in contact with someone?

I can add Metasploit to the Ruby site, yes.

Would you prefer me to take this conversation off-line or continue on the other mailing list?

I think it's fine if we discuss it here. I'm definitely interested in the opinions of others.

Apologies for the confusion with "largest project". In my head, I wasn't making the claim that the project is the largest on the basis of downloads (I didn't know the stats for RoR), but I can see that I phrased it poorly. What do you think of this alternative wording:

The Metasploit Framework, developed by Rapid7, is an open-source penetration testing software that helps IT professionals assess the security of their networks and applications. The Metasploit Project consists of over 700,000 lines of code and has been downloaded over a million times in the past year. The commercial editions Metasploit Express and Metasploit Pro from Rapid7 are also based on Ruby.

That seems OK to me.

Do you want to hyperlink things like Metasploit and Rapid7? Let me have a version in Textile with the proper linking, please.

James Edward Gray II

···

On Jan 5, 2011, at 12:06 PM, Christian Kirsch wrote:

Hi James,

Great! Here's the text block in Textile:

h4. Security

The "Metasploit Framework":http://www.metasploit.com, developed by Rapid7, is an open-source penetration testing software that helps IT professionals assess the security of their networks and applications. The Metasploit Project consists of over 700,000 lines of code and has been downloaded over a million times in the past year. The commercial editions "Metasploit Express": http://www.rapid7.com/products/metasploit-express.jsp and "Metasploit Pro": http://www.rapid7.com/products/metasploit-pro.jsp from "Rapid7": http://www.rapid7.com are also based on Ruby.

Many thanks!

Chris

I've put it up with one super minor change:

http://www.ruby-lang.org/en/documentation/success-stories/

James Edward Gray II

···

On Jan 5, 2011, at 1:40 PM, Christian Kirsch wrote:

h4. Security

The "Metasploit Framework":http://www.metasploit.com, developed by Rapid7, is an open-source penetration testing software that helps IT professionals assess the security of their networks and applications. The Metasploit Project consists of over 700,000 lines of code and has been downloaded over a million times in the past year. The commercial editions "Metasploit Express": http://www.rapid7.com/products/metasploit-express.jsp and "Metasploit Pro": http://www.rapid7.com/products/metasploit-pro.jsp from "Rapid7": http://www.rapid7.com are also based on Ruby.

Hi James,

Fantastic - and very fast! :slight_smile:

Many thanks,

Chris

···

-----Original Message-----
From: James Edward Gray II [mailto:james@graysoftinc.com]
Sent: Wednesday, January 05, 2011 2:48 PM
To: ruby-talk ML
Subject: Re: Petition to add Metasploit Project as Ruby success story

On Jan 5, 2011, at 1:40 PM, Christian Kirsch wrote:

h4. Security

The "Metasploit Framework":http://www.metasploit.com, developed by Rapid7, is an open-source penetration testing software that helps IT professionals assess the security of their networks and applications. The Metasploit Project consists of over 700,000 lines of code and has been downloaded over a million times in the past year. The commercial editions "Metasploit Express": http://www.rapid7.com/products/metasploit-express.jsp and "Metasploit Pro": http://www.rapid7.com/products/metasploit-pro.jsp from "Rapid7": http://www.rapid7.com are also based on Ruby.

I've put it up with one super minor change:

http://www.ruby-lang.org/en/documentation/success-stories/

James Edward Gray II

James Edward Gray II wrote in post #972608:

The Metasploit Project
consists of
over 700,000 lines of code and has been downloaded over a million times
in the
past year.

I've put it up with one super minor change:

http://www.ruby-lang.org/en/documentation/success-stories/

I hate "in the past year", as this information will automatically become
incorrect. How about "in 2010"?

···

--
Posted via http://www.ruby-forum.com/.

Excellent point. Updated.

James Edward Gray II

···

On Jan 6, 2011, at 9:58 AM, Brian Candler wrote:

James Edward Gray II wrote in post #972608:

The Metasploit Project
consists of
over 700,000 lines of code and has been downloaded over a million times
in the
past year.

I've put it up with one super minor change:

http://www.ruby-lang.org/en/documentation/success-stories/

I hate "in the past year", as this information will automatically become
incorrect. How about "in 2010"?