Posts by Christian Kirsch

2 min Metasploit

PCI DIY: How to do an internal penetration test to satisfy PCI DSS requirement 11.3

If you're accepting or processing credit cards and are therefore subject to PCI DSS, you'll likely be familiar with requirement 11.3, which demands that you "perform penetration testing at least once a year, and after any significant infrastructure or application upgrade or modification". What most companies don't know is that you don't have to hire an external penetration testing consultant - you can carry out the penetration test internally, providing you follow some simple rules:

* Sufficie

1 min Metasploit

How to Update to Metasploit 4.0

If you're packing to go to Black Hat, Defcon or Security B-Sides in Las Vegas, make sure you also download Metasploit 4.0 to entertain you on the plane ride. The new version is now available for all editions, and here's how you upgrade:

* Metasploit Pro and Metasploit Express 4.0: For fresh installs, download version 4.0 of Metasploit Pro [https://www.rapid7.com/products/metasploit/download/] and install. If you already have Metasploit Pro or Metasploit Express installed, simply go t

4 min Metasploit

Metasploit 4.0 is Coming Soon!

It'll only be days until you can download the new Metasploit version 4.0! The new version marks the inclusion of 36 new exploits, 27 new post-exploitation modules and 12 auxiliary modules, all added since the release of version 3.7.1 in May 2011. These additions include nine new SCADA exploits, improved 64-bit Linux payloads, exploits for Firefox and Internet Explorer, full-HTTPS and HTTP Meterpreter stagers, and post-exploitation modules for dumping passwords from Outlook, WSFTP, CoreFTP, S