All Posts

3 min Vulnerability Disclosure

How Poisonous is VENOM (CVE-2015-3456) to your Virtual Environments?

Today CrowdStrike disclosed VENOM (Virtualized Environment Neglected Operations Manipulation) or CVE-2015-3456, a vulnerability that could allow an attacker with access to one virtual machine to compromise the host system and access the data of other virtual machines. It's been a few months since we've seen a branded and logo'd vulnerability disclosure, and the main question everyone wants to know is wh

2 min

Availability of Metasploit Community & Metasploit Pro Trials Outside US & Canada

Due to changes in regulatory requirements that are applicable to Metasploit (Pro and Community) and similar products, as of Sunday, April 19, 2015, individuals outside of the US and Canada who would like to use Metasploit Pro or the Metasploit Community Edition will need to request a license and provide additional information regarding themselves or their organization designation. In accordance with the

2 min Compliance

Top 3 Takeaways from the "PCI DSS 3.0 Update

In this week's webcast, Jane Man and Guillaume Ross revisited the latest PCI DSS 3.0 requirements. Security professionals need to be diligent to remain compliant and secure. Jane and Guillaume discussed some key results from the Verizon 2015 PCI Compliance Report, tips and tricks for complying with requirements 7, 8, and 10, and touched upon upcoming changes in v3.0 and v3.1. Read on for the top 3 takeaways from the “PCI DSS 3.0 Update: How to Restrict

5 min Metasploit

Unicode Support in Meterpreter

A short, mostly-accurate history of character encodings

In the beginning, when you wanted to use a computer to store text, there were not many options - you inherited something from punchcards like EBCDIC or invented something convenient and unique to your system. Computers did not need to talk to each other, so there was not much point in standardizing between vendors. Things were pretty simple. Then, there came the need for computers and vendors to interoperate and communicate. Thus, ASCII an

8 min Metasploit

Meterpreter Survey 2015: You spoke, we listened, then wrote a bunch of code.

The Survey

One month ago we asked the community for feedback about how they use Metasploit and what they want to see in the Meterpreter payload suite going forward. Over the course of a week we received over 400 responses and over 200 write-in suggestions for new features. We have spent the last month parsing through your responses, identifying dependencies, and actively delivering new features based on your requests. These requests covered 20 different categories: General Feedback Metasploit F

6 min Incident Detection

Let's talk about metrics...

Today I read an article on metrics and it was interesting. Here's the link to the original article. I am kind of a metrics geek. When done well, a metrics program can be of extreme value to a security program. However, when done badly, they can cloud your vision and make it difficult to notice that your radar is off by a few degrees. The article addressed severa

10 min

Deep Dive Into Stageless Meterpreter Payloads

Metasploit has long supported a mixture of staged and stageless payloads within its toolset. The mixture of payloads gives penetration testers a huge collection of options to choose from when performing exploitation. However, one option has been missing from this collection, and that is the notion of a stageless Meterpreter payload. In this post, I'd like to explain what this means, why you should care, and show how the latest update to Metasploit and Meterpreter provides this funky new feature

5 min

Using Host Tagging in Metasploit for Penetration Testing

Hello my fellow hackers! Tag, you're it! For today's blog post, I'd like to talk about host tagging a little bit in Metasploit. If you are a penetration tester, a CTF player, or you just pop a lot of shells like a rock star, then perhaps this will interest you. If you have never used this kind of feature, then hopefully this blog post will bring you a new idea on how to approach host management. So what is host tagging? Well, the idea is simple really. It's a way to label your targets and make

7 min Logentries

The Flexbox Paradigm: CSS3 Layout for Today’s Applications

Introduction

Controlling the layout of web pages and applications has always been a little tricky. In the beginning, there were almost no mechanisms for page layout, other than some basic formatting of HTML tags. We could apply some font styling, add background colors, and with the use of paragraphs and line breaks could achieve some block spacing. With the introduction and evolution of CSS, it gave us further control, but more importantly, control over the element's box model. We could now f

3 min Events

The Return of Rapid7 Rapid Fire: A spirited infosec debate, round 3

The topics: Controversial. The answers: Unfiltered. The alcohol: Plentiful. I'm talking about Rapid7 Rapid Fire -- it's happening for a third time this June in Boston. Bonus: This year, it's totally free and open to the public, so please join us! What is it? It's a panel debate where we ask some big names in infosec to argue for or against a number of controversial topics in our field. To make things interesting, the panelists are often asked to debate a side of the argument they might not ev

4 min Logentries

MongoDB Log Analytics

MongoDB 3.0 is now available! If you are new to MongoDB or upgrading from 2.6, you will enjoy all of the new features including document-level locking, better write performance, big memory support, and more. Additionally, to improve usability of the log messages for diagnosis, MongoDB now categorizes some log messages under specific components, operations, and provides the ability to set the verbosity level for these components. Today, Logentries is launching a new Community Pack for MongoDB

3 min

Weekly Metasploit Wrapup: Stageless Meterpreter and the Revenge of Stuxnet

Stageless Meterpreter

Remember the Metasploit Pop Quiz we ran about a month back? Well, we got tons of support from you, the Metasploit users, and have been picking out what you want to see and have started turning those wishes into reality. I know HD, Brent, and OJ are working up a much more exhaustive blog post for next week to lay out what's going where and

4 min

Securing Credit Lines: Eating Our Own Dogfood

We InfoSec (or cybersecurity) folks, we're full of all kinds of sage wisdom: “Put a password on your phone, tell it to self destruct after 10 failed attempts” … check! “Set up WPA2 on your home network!” … check! “Install patches as fast as you can!” … (well, as best as I can?) …check! “Freeze your credit reports!” … static “Dogfooding” (verb, slang) is a term used to reference a scenario in which a company uses its own product to va

2 min IT Ops

New Logentries Cookbook for Chef

We have released our logentries_agent cookbook to supermarket.chef.io! You can check out the docs here, or I’ve developed the following brief tutorial to walk you through how to automate your installation of the Logentries Linux Agent in your own infrastructure. First off, I

2 min

Are you really protected against Group Policy Bypass and Remote Code Execution? MS15-011 & MS15-014

In February, Microsoft published two hotfixes to address issues with Group Policies.

* Microsoft Security Bulletin MS15-011 - Critical
* Microsoft Security Bulletin MS15-014 - Important

Together, these patches address the following issues:

* CVE-2015-0008 MS15-011: Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)