For those of you who have actually used the thing, do you really think it's the end all be all of penetration testing (or not testing)?
I mean it's great you can launch prepackaged exploits so easily without having to find them, compile them, and configure the payloads manually every stinking time, but I feel almost like it's a script kiddie empowerment tool because of that.
I'm kind of sick of people telling me "oh metasploit doesn't have anything for that system, so it must be secure".
$0.02
-K