Posts by Christian Kirsch

5 min Exploits

Security Death Match: Open Source vs. Pay-for-Play Exploit Packs

In the blue corner: an open-source exploit pack. In the red corner: a pay-for-play incumbent. As a security professional trying to defend your enterprise against attacks, which corner do you bet on for your penetration tests? What's the goal of the game? Okay, this is a loaded question, because it really depends on what your goal is. If you are like 99% of enterprises, you'll want to protect against the biggest and most likely risks. If you are the 1% that comprise defense contractors and the

3 min Metasploit

How Metasploit's 3-Step Quality Assurance Process Gives You Peace Of Mind

Metasploit exploits undergo a rigorous 3-step quality assurance process so you have the peace of mind that exploits will work correctly and not affect production systems on your next assignment. Step 1: Rapid7 Code Review Many of the Metasploit exploits are contributed by Metasploit's community of over 175,000 users, making Metasploit the de-facto standard for exploit development. This is a unique ecosystem that benefits all members of the community because every Metasploit user is a “sensor

3 min Exploits

5 Tips to Ensure Safe Penetration Tests with Metasploit

Experienced penetration testers know what to look out for when testing production systems so they don't disrupt operations. Here's our guide to ensure smooth sailing. Vulnerabilities are unintentional APIs In my warped view of the world, vulnerabilities are APIs that weren't entirely intended by the developer. They are also undocumented and unsupported. Some of these vulnerabilities are exploited more reliably than others, and there are essentially three vectors to rank them: * Exploit s

4 min Exploits

November Exploit Trends: Apache Killer Exploit New to List

This month was a quiet one on the Metasploit Top Ten List. Each month we compile a list of the most searched exploit and auxiliary modules from our exploit database [http://www.metasploit.com/modules/]. To protect users' privacy, the statistics come from analyzing webserver logs of searches, not from monitoring Metasploit usage. The only new addition to the list this month is an old Apache Killer exploit. Read on for the rest of November's exploit and auxiliary modules with commentary by Meta

4 min Metasploit

New Metasploit 4.5: Manage Your Organization's Phishing Exposure

You can now get a better handle on your organization's exposure to phishing attacks [http://www.rapid7.com/solutions/need/manage-phishing-exposure.jsp]: Metasploit Pro now gives you quick insight on risks and advice on how to reduce them. With today's new release version 4.5, Metasploit Pro's social engineering features are no longer just for penetration testers but add a lot of value for more generalist security professionals. A handful of our customers already tested these new capabilities i

5 min Metasploit

Exploit Trends: Top 10 Searches for Metasploit Modules in October

Time for your monthly dose of Metasploit exploit trends! Each month we gather this list of the most searched exploit and auxiliary modules from the Metasploit database. To protect users' privacy, the statistics come from analyzing webserver logs of searches, not from monitoring Metasploit usage. October was a quiet month for exploit headlines, so not a whole lot of action on the list. The high traffic to Java and IE modules from their respective 0-days settled down, so you'll see some shuffli

1 min Penetration Testing

How to Justify Your Penetration Testing Budget - Whiteboard Wednesdays

Is penetration testing a good idea to you, but your managers don't seem to get it? Don't worry, you're not alone, and there is a solution. This Whiteboard Wednesday [http://www.rapid7.com/resources/videos/justifying-penetration-testing-budget.jsp] video walks you through some steps to achieve your goal - and to get your budget approved. Areas I'll touch on are: * How do I explain penetration testing to my boss? * Why do we need penetration testing if we have all these security controls in

5 min Metasploit

Exploit Trends: Java and IE 0days

Each month we report the top ten searched exploit and auxiliary modules on metasploit.com. The statistics are drawn from our exploit database by analyzing webserver logs of searches, not through Metasploit usage, which is not tracked to preserve privacy. With the Java and Internet Explorer 0-days in August and September, this month's exploit trends from Metasploit really shook up the status quo. And, just to make things more interesting, there are a couple exploits from April that came back fo

1 min Penetration Testing

What is Penetration Testing? - Whiteboard Wednesdays

Are you wondering "What is penetration testing?" Need a quick primer on the topic? In this first video of our Whiteboard Wednesdays series, we're explaining what a penetration test is as well as some typical reasons why people conduct so-called "pen tests". I'll also introduce you to the typical steps of a penetration test, including: * Reconnaissance * Discovery * Exploitation * Bruteforcing * Social engineering * Taking control * Pivoting * Collecting evidence * Reporting * Remediati

2 min Authentication

Free Scanner for MySQL Authentication Bypass CVE-2012-2122

The MySQL authentication bypass vulnerability (CVE-2012-2122) - explained in detail in HD Moore's blog post [/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql] - was the cause for much concern when it was first discovered. In response, we've created a new vulnerability scanner for CVE-2012-2122 called ScanNow [http://www.rapid7.com/free-security-software-downloads/MySQL-vulnerability-scanner-CVE-2012-2122.jsp], which enables you to check your network for vulnerability to thi

1 min Metasploit

Webcast: Decrease Your Risk of a Data Breach - Effective Security Programs with Metasploit

Thanks to the many CISOs and security engineers who attended our recent webcast, in which I presented some practical advice on how to leverage Metasploit to conduct regular security reviews that address current attack vectors. While Metasploit is often used for penetration testing projects, this presentation focuses on leveraging Metasploit for ongoing security assessments that can be achieved with a small security team to reduce the risk of a data breach. This webcast is now available for on-

4 min Exploits

Exploit Trends: August Java 0-day

Coming from August's Java 0-day release, there are three new Java exploits among the top 10 most searched Metasploit exploits and auxiliary modules in this month's trend list. The monthly statistics are drawn from our exploit database [http://www.metasploit.com/modules/] by analyzing webserver logs of searches on metasploit.com, not through Metasploit usage, which is not tracked for privacy. Check out the top searched exploits and modules below, annotated with Tod Beardsley's excellent comments

1 min Open Source

Webcast: Playing in the Sandbox - Open Source Tools for Threat Intelligence

If you missed last week's webcast in the Life's a Breach series, I have good news for you: The recording is now available [http://information.rapid7.com/open-source-tools-for-threat-intelligence-on-demand.html?LS=1315242&CS=web]. In this webcast, Claudio Guarnieri, security researcher with Rapid7 and creator of Cuckoo Sandbox, shows what we can learn from analyzing malware that has been caught with honeypots. By watching this webcast you will learn: * How to actively collect and analyze thr

4 min Exploits

Exploit Trends: Java Signed Applet Social Engineering and Joomla Exploit

Each month we use the exploit database (DB) [http://www.metasploit.com/modules/] to compile a list of the top 10 most searched exploit and auxiliary modules from Metasploit. The database analyzes searches conducted on Metasploit.com from the webserver's logs. (We do not track actual Metasploit usage to preserve users' privacy.) This month's list has the top 5 hanging strong from last month, with three new additions coming in at numbers 8, 9, and 10. Tod Beardsley broke down the top 10 to gi

5 min Metasploit

New Metasploit 4.4: Risk Validation for Vulnerability Management with Nexpose, Improved AV Evasion, and Faster UI

Fresh out of the oven and in time for Black Hat Las Vegas, we present to you the new Metasploit 4.4 with these great new features: Focus Your Remediation Efforts: Metasploit Risk Validation for Nexpose Vulnerability Management You may have been in this situation: your vulnerability scanning report is so long you don't know where to start. You don't have time to address all vulnerabilities, and you don't know which ones are important. If this sounds familiar, you may get very excited about Met