3 min
Research
Open-Source Security: Getting to the Root of the Problem
The past few weeks have shown us the importance and wide reach of open-source security.
4 min
Open Source
Security at Scale in the Open-Source Supply Chain
Securing supply chains based on open-source software requires scalable vulnerability management and vigilant monitoring.
13 min
Vulnerability Disclosure
Multiple Open Source Web App Vulnerabilities Fixed
While it's never great to learn of new vulnerabilities in your own product, all three project maintainers accepted, validated, and provided fixes for these vulnerabilities within one day, which is amazing when it comes to vulnerability disclosure.
3 min
Open Source
Rapid7 and Velociraptor Join Forces
Rapid7 has acquired a digital forensics and incident response (DFIR) framework called Velociraptor.
3 min
Risk Management
Meet AttackerKB
Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 3/27/20
Three new modules, including a post module to automate the installation of an embeddable Python interpreter on a target, and a new exploit for Microsoft SharePoint Workflows.
22 min
Research
DOUBLEPULSAR RCE 2: An RDP Story
In this sequel, wvu [https://github.com/wvu-r7] recounts the R&D (in all its
imperfect glory) behind creating a Metasploit module for the DOUBLEPULSAR
implant's lesser-known RDP variant. If you're unfamiliar with the more common
SMB variant, you can read our blog post
[/2019/10/02/open-source-command-and-control-of-the-doublepulsar-implant/]
detailing how we achieved RCE with it.
Table of Contents
0. Background
1. Extracting the implant
2. Installing the implant
3. Pinging the implant
4.
2 min
Windows
Metasploit Framework Open Source Installers
Rapid7 has long supplied universal Metasploit installers for Linux and Windows.
These installers contain both the open source Metasploit Framework as well as
commercial extensions, which include a graphical user interface, metamodules,
wizards, social engineering tools and integration with other Rapid7 tools. While
these features are very useful, we recognized that they are not for everyone.
According to our recent survey of Metasploit Community users, most only used it
for the open source comp
3 min
Metasploit
12 Days of HaXmas: Metasploit, Nexpose, Sonar, and Recog
This post is the tenth in a series, 12 Days of HaXmas, where we take a look at
some of the more notable advancements and events in the Metasploit Framework over
the course of 2014.
The Metasploit Framework [https://www.metasploit.com/download/] uses operating
system and service fingerprints for automatic target selection and asset
identification. This blog post describes a major overhaul of the fingerprinting
backend within Metasploit and how you can extend it by submitting new
fingerprints.
Histo
3 min
Open Source
Metasploit Weekly Update: On Breaking (and Fixing!) Security Software
Attacking Security Infrastructure
This week, one module stands out for me: the Symantec Endpoint Protection
Manager Remote Command Execution by xistence [https://github.com/xistence], who
built on the proof-of-concept code from Chris Graham
[http://www.exploit-db.com/exploits/31853/], who turned that out after Stefan
Viehbock's disclosure from last week. You can read the full disclosure text
from SEC Consult Vulnerability Lab [https://sec-consult.com/vulnerability-lab/],
and get an idea of the s
0 min
Metasploit
SecureNinjaTV Interview: Tod Beardsley About Metasploit 10th Anniversary
At Black Hat 2013 in Vegas this year, our very own Tod Beardsley was cornered by
SecureNinja TV and social engineered into giving an interview. Here is the
result - captured for eternity:
[http://www.youtube.com/watch?v=yFHA5F2crFE&feature=youtu.be]
5 min
Exploits
Security Death Match: Open Source vs. Pay-for-Play Exploit Packs
In the blue corner: an open-source exploit pack. In the red corner: a
pay-for-play incumbent. As a security professional trying to defend your
enterprise against attacks, which corner do you bet on for your penetration
tests?
What's the goal of the game?
Okay, this is a loaded question, because it really depends on what your goal is.
If you are like 99% of enterprises, you'll want to protect against the biggest
and most likely risks. If you are the 1% that comprise defense contractors and
the