The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Making the Nexpose Gem Easier to Use

Products and Tools

Making the Nexpose Gem Easier to Use

daines's avatar

daines

Weekly Update: Splitting DNS Modules and a D-Link Auth Bypass

Products and Tools

Weekly Update: Splitting DNS Modules and a D-Link Auth Bypass

Tod Beardsley's avatar

Tod Beardsley

Per-log retention period

Products and Tools

Per-log retention period

Rapid7's avatar

Rapid7

Vulnerability Correlation -- Enabled by Default

Rapid7 Blog

Vulnerability Correlation -- Enabled by Default

Jon Hart's avatar

Jon Hart

Weekly Update: Corelan, MSFTidy, and UNC Path Injection

Products and Tools

Weekly Update: Corelan, MSFTidy, and UNC Path Injection

Tod Beardsley's avatar

Tod Beardsley

How to Verify that the Payload Can Connect Back to Metasploit on a NATed Network

Products and Tools

How to Verify that the Payload Can Connect Back to Metasploit on a NATed Network

Christian Kirsch's avatar

Christian Kirsch

Patch Tuesday - February 2013 Edition!

Rapid7 Blog

Patch Tuesday - February 2013 Edition!

Ross Barrett's avatar

Ross Barrett

Getting Started with the Nexpose Virtual Appliance

Products and Tools

Getting Started with the Nexpose Virtual Appliance

Rapid7 Support's avatar

Rapid7 Support

Security Flaws in Universal Plug and Play: Unplug, Don't Play

Products and Tools

Security Flaws in Universal Plug and Play: Unplug, Don't Play

HD Moore's avatar

HD Moore

Ray Sharp CCTV DVR Password Retrieval & Remote Root

Vulnerabilities and Exploits

Ray Sharp CCTV DVR Password Retrieval & Remote Root

HD Moore's avatar

HD Moore

New VMware ESX/ESXi coverage is elegant in its simplicity

Rapid7 Blog

New VMware ESX/ESXi coverage is elegant in its simplicity

csong's avatar

csong

The Forgotten Spying Feature: Metasploit's Mic Recording Command

Products and Tools

The Forgotten Spying Feature: Metasploit's Mic Recording Command

Wei Chen's avatar

Wei Chen

Weekly Update: Metasploit 4.5.1, MSFUpdate, and More Wordpress Hijinks

Rapid7 Blog

Weekly Update: Metasploit 4.5.1, MSFUpdate, and More Wordpress Hijinks

Tod Beardsley's avatar

Tod Beardsley

Update to the Metasploit Updates and msfupdate

Products and Tools

Update to the Metasploit Updates and msfupdate

Tod Beardsley's avatar

Tod Beardsley

Hacking like it's 1985: Rooting the Cisco Prime LAN Management Solution

Products and Tools

Hacking like it's 1985: Rooting the Cisco Prime LAN Management Solution

HD Moore's avatar

HD Moore

Video Tutorial: Introduction to Burp-Suite 1.5 Web Pen Testing Proxy

Rapid7 Blog

Video Tutorial: Introduction to Burp-Suite 1.5 Web Pen Testing Proxy

webpwnized's avatar

webpwnized

Exploiting Ruby on Rails with Metasploit (CVE-2013-0156)

Vulnerabilities and Exploits

Exploiting Ruby on Rails with Metasploit (CVE-2013-0156)

HD Moore's avatar

HD Moore

Weekly Metasploit Update: Rails Scanning, ZDI, and Exploit Dev

Products and Tools

Weekly Metasploit Update: Rails Scanning, ZDI, and Exploit Dev

Tod Beardsley's avatar

Tod Beardsley

Serialization Mischief in Ruby Land (CVE-2013-0156)

Vulnerabilities and Exploits

Serialization Mischief in Ruby Land (CVE-2013-0156)

HD Moore's avatar

HD Moore

Free Metasploit Penetration Testing Lab in the Cloud

Products and Tools

Free Metasploit Penetration Testing Lab in the Cloud

Christian Kirsch's avatar

Christian Kirsch

Using BackTrack 5 R3 with Metasploit Community or Metasploit Pro

Products and Tools

Using BackTrack 5 R3 with Metasploit Community or Metasploit Pro

Christian Kirsch's avatar

Christian Kirsch