The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Tutorial: Using web command injection vulnerability to gain administrative shell on Windows web server

Rapid7 Blog

Tutorial: Using web command injection vulnerability to gain administrative shell on Windows web server

webpwnized's avatar

webpwnized

Video: Introduction to basic host and service discovery scanning

Rapid7 Blog

Video: Introduction to basic host and service discovery scanning

webpwnized's avatar

webpwnized

Weekly Metasploit Update: RATs, WPAD, and More!

Products and Tools

Weekly Metasploit Update: RATs, WPAD, and More!

Tod Beardsley's avatar

Tod Beardsley

Exploit Trends: New Microsoft and MySQL Exploits Make the Top 10

Vulnerabilities and Exploits

Exploit Trends: New Microsoft and MySQL Exploits Make the Top 10

Christian Kirsch's avatar

Christian Kirsch

Tutorial: How to Scan Exploit Metasploitable-2 using Metasploit, Nexpose, nessus, Nmap, and John-the-Ripper

Rapid7 Blog

Tutorial: How to Scan Exploit Metasploitable-2 using Metasploit, Nexpose, nessus, Nmap, and John-the-Ripper

webpwnized's avatar

webpwnized

Weekly Metasploit Update: Sniffing with Meterpreter, Egg Hunting, and More!

Products and Tools

Weekly Metasploit Update: Sniffing with Meterpreter, Egg Hunting, and More!

Tod Beardsley's avatar

Tod Beardsley

Metasploit Exploit Development - The Series Part 1.

Products and Tools

Metasploit Exploit Development - The Series Part 1.

nanoquetz9l's avatar

nanoquetz9l

5 NON-TECHNICAL REASONS ORGANIZATION GET BREACHED

Exposure Management

5 NON-TECHNICAL REASONS ORGANIZATION GET BREACHED

dmorash's avatar

dmorash

Mentoring Junior Red Team Members with Metasploit Pro

Products and Tools

Mentoring Junior Red Team Members with Metasploit Pro

Christian Kirsch's avatar

Christian Kirsch

Press F5 for root shell

Products and Tools

Press F5 for root shell

Egypt's avatar

Egypt

Direct downloads

Products and Tools

Direct downloads

Rapid7's avatar

Rapid7

Creating a PCI 11.3 Penetration Testing Report in Metasploit

Exposure Management

Creating a PCI 11.3 Penetration Testing Report in Metasploit

Christian Kirsch's avatar

Christian Kirsch

New Critical Microsoft IE Zero-Day Exploits in Metasploit

Vulnerabilities and Exploits

New Critical Microsoft IE Zero-Day Exploits in Metasploit

Wei Chen's avatar

Wei Chen

Weekly Metasploit Update: Encrypted Java Meterpreter, MS98-004, and New Modules!

Products and Tools

Weekly Metasploit Update: Encrypted Java Meterpreter, MS98-004, and New Modules!

Tod Beardsley's avatar

Tod Beardsley

Introducing Metasploitable 2!

Products and Tools

Introducing Metasploitable 2!

HD Moore's avatar

HD Moore

How to Create Custom Reports in Metasploit

Products and Tools

How to Create Custom Reports in Metasploit

Christian Kirsch's avatar

Christian Kirsch

Scanning for Vulnerable F5 BigIPs with Metasploit

Products and Tools

Scanning for Vulnerable F5 BigIPs with Metasploit

HD Moore's avatar

HD Moore

CVE-2012-2122: A Tragically Comedic Security Flaw in MySQL

Vulnerabilities and Exploits

CVE-2012-2122: A Tragically Comedic Security Flaw in MySQL

HD Moore's avatar

HD Moore

Weekly Metasploit Update: Citrix Opcodes, Hash Collisions, and More!

Products and Tools

Weekly Metasploit Update: Citrix Opcodes, Hash Collisions, and More!

Tod Beardsley's avatar

Tod Beardsley

Exploit Trends: CCTV DVR Login Scanning and PHP CGI Argument Injection

Vulnerabilities and Exploits

Exploit Trends: CCTV DVR Login Scanning and PHP CGI Argument Injection

Christian Kirsch's avatar

Christian Kirsch

Webcast: Don't Pick the Lock, Steal the Key - Password Auditing With Metasploit

Products and Tools

Webcast: Don't Pick the Lock, Steal the Key - Password Auditing With Metasploit

Christian Kirsch's avatar

Christian Kirsch