Posts tagged Penetration Testing

2 min This One Time on a Pen Test

This One Time on a Pen Test: Ain’t No Fence High Enough

In this edition of "This One Time on a Pen Test," we discuss an engagement with for an energy company with a high-fence compound.
2 min Penetration Testing

This One Time on a Pen Test: How I Outwitted the Vexing VPN

In this edition of "This One Time on a Pen Test," we discuss outwitting the vexing VPN.
2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: Sep. 11, 2020

Three new modules, including a Pwn2Own addition for OS X, plus proxy support for Python Meterpreter, new search improvements, and a reminder of how to report security issues in Metasploit.
2 min Penetration Testing

This One Time on a Pen Test: I’m Calling My Lawyer!

In this engagement, Rapid7 pen testers were tasked to identify sensitive information, harvest credentials, and obtain a reverse shell on their machines.
2 min Penetration Testing

This One Time on a Pen Test: Playing Social Security Slots

This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie during Rapid7 penetration testing engagements.

5 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 8/7/20

Metasploit 6 initial features and active development, the 2020 open-source security meetup (OSSM), four new modules, and the longest list of enhancements and fixes we've ever written in one sitting.
3 min Penetration Testing

The Importance of Pen Testing for Startups

Recently, we sat down with Intenseye's Sercan Esen and Serhat Cillidag to discuss developing robust security programs for startup environments.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 6/5/20

vBulletin, WordPress, and WebLogic exploits, along with some enhancements and fixes.
3 min Risk Management

Meet AttackerKB

Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.
2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 4/10/20

Meterpreter bug fixes and five new modules, including an LPE exploit for SMBghost (CVE-2020-0796) and a BloodHound post module that gathers information (sessions, local admin, domain trusts, etc.) and stores it as a BloodHound-consumable ZIP file in Framework loot.
4 min Penetration Testing

Lessons Learned from an Unlikely Path to My OSCP Certification

In this blog, our own Patrick Laverty discusses lessons learned from his path to a Offensive Security Certified Professional (OSCP) certification.
5 min Penetration Testing

Ask a Pen Tester Q&A, Part 2: Everything You Need to Know About the Art of Penetration Testing

We sat down with our own penetration testers to answer some of your questions about what exactly pen testing entails.
3 min Penetration Testing

What You Need to Know to Get Started in the Penetration Testing Field

In this blog, we sat down with our own penetration testers to answer some of your questions to help get you started in the field.
7 min Penetration Testing

This One Time on a Pen Test, Halloween Edition: An Ode to Our Favorite Pen Tester Disguises

In honor of Halloween, we wanted to celebrate by sharing a few of our Rapid7 pen testers’ costumed crusades.
2 min Penetration Testing

This One Time on a Pen Test: “Let Me Get That for You”

In this blog, we discuss how our team successfully gained access to a client's physical building in an unlikely way.

Popular Topics

Tags