4 min
Emergent Threat Response
Mass Exploitation of Exchange Server Zero-Day CVEs: What You Need to Know
On March 2, Microsoft released details on an active state-sponsored threat campaign exploiting four zero-day vulnerabilities in on-premises instances of Microsoft Exchange Server.
2 min
Vulnerability Management
CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know
CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.
3 min
Risk Management
Meet AttackerKB
Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.
2 min
Metasploit
Congrats to the Winners of the 2020 Metasploit Community CTF
After four days of competition and a whole lot of “trying harder,” we have the
winners of this year's Metasploit community CTF
[/2020/01/15/announcing-the-2020-metasploit-community-ctf/]. We've included some
high-level stats from the game below; check out the scoreboard here
[https://metasploitctf.com/scoreboard]. If you played the CTF and want to let
the Metasploit team know which challenges you found exhilarating, interesting,
or infuriating (in a good way, of course), we have a feedback surve
2 min
Metasploit
Metasploit Team Announces Beta Sign-Up for AttackerKB
AttackerKB is a knowledge base of vulnerabilities and informed opinions on what makes them valuable (or not) targets for exploitation.
5 min
Metasploit
Announcing the 2020 Metasploit Community CTF
Metasploit's community CTF is back! Starting January 30, players will have four days to find flags and win points and glory. Teams welcome.
9 min
Haxmas
Memorable Metasploit Moments of 2019
Here’s a smattering of the year’s Metasploit Framework highlights from 2019. As ever, we’re grateful to and for the community that keeps us going strong.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 5/31/19
Unauthenticated scanner for BlueKeep, community hackathon in Austin, and the usual long list of fixes and enhancements.
2 min
Metasploit
Introducing the Metasploit Development Diaries
In our new Metasploit Development Diaries series, we will share stories of how exploitable conditions become stable, seasoned Metasploit Framework modules.
7 min
Haxmas
The New Shiny: Memorable Metasploit Moments of 2018
Happy HaXmas, friends. Metasploit turned 15 this year, and by all accounts, 2018 was pretty epic.
2 min
Metasploit
Congrats to the 2018 Metasploit Community CTF Winners
After three days of fierce competition, we have the winners of this year's
Metasploit community CTF
[https://www.rapid7.com/blog/post/2018/11/05/announcing-the-2018-metasploit-community-ctf/]
. We've included some high-level stats from the game below; check out the
scoreboard. If you played the CTF this weekend and want to let the Metasploit
team know which challenges you found exhilarating, interesting, or infuriating
(in a good way, of course).
Congratulations to everyone who teamed up with
3 min
Metasploit
Announcing the 2018 Metasploit Community CTF
Two targets, three days, and a thousand teams: Put your skills to the test for a chance to win prizes and bragging rights in Metasploit’s 2018 community CTF.
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 10/12/18
New evasion modules in Metasploit Framework, highlights from our Town Hall at DerbyCon VIII, and the last week's improvements and module additions.
3 min
Penetration Testing
Putting Pen (Tests) to Paper: Lessons and Learnings from Rapid7’s Annual Mega-Hackathon
Rapid7's Mega-Hackathon offers a unique chance to go beyond the data and get a feel for what pen testers are like in their natural habitat.
3 min
Threat Intel
Threat Intel Book Club: The Cuckoo's Egg wrap-up
Last week, Rebekah Brown [https://twitter.com/PDXbek] and I wrapped up The
Cuckoo’s Egg [https://en.wikipedia.org/wiki/The_Cuckoo%27s_Egg] with book club
readers around the world. Dig through some blog archives to get a sense of how
this book club got started
[/2018/02/02/welcome-to-the-2018-threat-intel-book-club/] and what we’ve
discussed [/2018/02/27/recap-2-21-threat-intelligence-book-club/] so far
[/2018/03/18/next-threat-intel-book-club-4-5-recapping-the-cuckoos-egg/]. Below
is a recap of
