14 min
IT Ops
State of Log Management for AWS
Introduction
The Log Management industry was traditionally driven by regulatory compliance and security concerns
resulting in a multi-billion dollar market focused on security and information
event management (SIEM) solutions. However, log management has evolved into a
market that is focused on both the management and analytics of log data. Log
management technologies are becoming more powerful and dynamic, allowing for
data to be
3 min
IT Ops
Using Log Aggregation Across Dev & Ops: The Pricing Advantage
Rob Thatcher is Co-founder and Principal Consultant at Skelton Thatcher
Consulting.
Summary: the pricing of tools or licenses for log aggregation can have a
significant effect on organizational culture and the collaboration between Dev
and Ops teams.
Modern tools for log aggregation (of which Logentries is
one example) can be hugely enabling for DevOps approaches to building and
operating business-critical software systems. However, the pri
5 min
Exploits
Revisiting an Info Leak
Today an interesting tweet from Greg Linares (who has been posting awesome
analysis on Twitter lately!) came to our attention, concerning the MS15-080
patch:
This patch (included in MS15-080) may have been intended to stop one of the Windows
kernel bugs exploited by Hacking Team. But, after our analysis, it appears that
there is
2 min
Metasploit Weekly Wrapup
Weekly Metasploit Wrapup: Hackers of Might and Magic
Vegas: That's a Wrap
Well, another trek out to the Nevada desert is behind us. I actually love
heading out there every year, since it gives me a chance to connect with a
sizable chunk of the Metasploit contributor community in a corporeal way. That
just fills me with warm fuzzies, so thanks to all of you who made the
pilgrimage. You, the open source security research community, are what makes
Vegas feel a lot homier than it ought to.
Speaking of community, now that we're past the Vegas Singulari
1 min
Metasploit
Metasploit on Kali Linux 2.0
As you are aware, Kali 2.0 has been released this
week and is getting quite a bit of attention, as it should. Folks behind Kali have
worked really hard to bring you the new version of Kali Linux that everyone is
excited about. If you have already started to play with the new version, you
have probably realized that something is different: Metasploit
Community / Pro is no longer installed by default.
Where is Metasploit Community / Pr
3 min
Metasploit
Metasploit Local Exploit Suggester: Do Less, Get More!
Meet Lester, the Exploit Suggester
Hey there, my name is Mo (Mohamed Sadek). I am
currently an intern at Rapid7, working with the Metasploit team in Austin. After
some research, testing, and more than a few energy drinks, sinn3r (sinn3r)
and I have authored the first version of the
Metasploit Local Exploit Suggester, or Lester for short. Lester is a post module
that you can use to check a system for local vulnerabilities, using the
11 min
Exploits
Exploiting a 64-bit browser with Flash CVE-2015-5119 (Part 2)
This post is a continuation of Exploiting a 64-bit browser with Flash
CVE-2015-5119, where we explained how to achieve arbitrary memory read/write on a 64-bit IE
renderer. As a reminder, we are targeting Windows 8.1 / IE11 (64 bits) with
Flash 15.0.0.189. Of course, this write-up may contain a few errors, so your
mileage may vary =)
Where we left off before, we had created an interface to work with memory by
using a corrupted
3 min
Exploits
Exploiting a 64-bit browser with Flash CVE-2015-5119
Some weeks ago, on More Flash Exploits in the Framework, we introduced the
flash_exploiter library, which is used by Metasploit to quickly add new Flash
exploit modules. If you read that blog entry, then you already know that
flash_exploiter only supports 32-bit browsers (renderers). In this blog post, we
will demonstrate initial steps in adding IE11 64-bit support to CVE-2015-5119, which is o
6 min
Events
Rapid7 Takes Las Vegas: Black Hat, BSidesLV & DEF CON ... Talks, Parties & Giveaways... phew!
First things first:
You must be registered & confirmed to be able to attend our 2015 Black Hat
party.
I can't emphasize this enough: Unlike previous years, we are not doing any kind
of at-the-door registration for our party this year.
If your plan was to live in the spirit of utter spontaneity, roll up to the club
and see if you can happen to get in without registering beforehand -- you're
going to be disappointed, and we really don't want to see that happen! While w
4 min
Events
The Black Hat Attendee Guide Part 5a - The Magic of People
Joining us for the first time? This post is part of a series that starts right
here.
So this post is a bit of a bonus. I've asked my dear friend Quinton Jones
to share some wisdom and inspiration
on how he injects passion and energy into his introductions. He's simply
unforgettable, one of the greatest customer champions and business development
folks I know, thanks to his passion for people. Please enj
3 min
Metasploit Weekly Wrapup
Weekly Metasploit Wrapup: T-Shirts, T-Shirts, & Some Modules
Black Hat T-Shirts!
Well, it's a week or so until DEF CON 23, and since you're all busy prepping all
your demos and presentations and panels and things, I figured I should remind
you that among all your gear, you should probably toss some clothes in your bag
before you head out the door. In case this slips your mind, though, don't sweat,
we have you covered.
Pictured at right is the winning design from the annual Metasploit T-Shirt
contest, submitted by LewisFX
5 min
Events
The Black Hat Attendee Guide Part 7a: Electronic Survival
If you're just joining us, this post is part of a Black Hat Attendee Guide
series that starts right here.
When traveling to industry conferences, most people prepare their electronic
companions (laptops, cell phones, etc) by asking: “Did I pack the right charger
in my carry on?”
The premier gathering of the world's best and brightest hackers might be a great
opportunity for you to up your travel security game. This post serves as a quick
gui
5 min
Events
The Black Hat Attendee Guide Part 7: Your Survival Kit
Joining us for the first time? This post is part seven of a series that starts
right here.
Hacker Summer Camp is no joke, and you've got to have a game plan when you head
for Vegas. If you don't travel frequently, this is for you.
Ignoring sartorial conundrums and basic hygiene, this post is focused on keeping
your body operating at peak… or at least somewhat operational.
Vegas: It's nothing like home for most of us. Desert allergens, low humi
10 min
Events
The Black Hat Attendee Guide Part 6: The Sponsor Hall, Arsenal, and more
If you are just joining us, this is the sixth post in the series starting here.
Conferences are magical and serendipitous. YouTube can't capture the electricity
you remember in the room as you tell someone “I watched Barnaby jackpot an ATM,”
as others echo back “I was there that year too!”
At technical conferences, the content leads the way—it is what brings us to the
show. Catching up on that research and work being done at “the tip of the spe
3 min
IT Ops
How to Add a GPS Time Source to ntpd
USB GPS dongles have come down significantly in price in recent years and I
picked one up to play with recently.
Apart from using a GPS module to report your latitude, longitude, altitude and
time for mapping applications, it’s also possible to feed the time information
to ntpd as a back-up time source or as a highly accurate time source depending
on the GPS module you end up getting.
The module that I use in this blog post