Posts tagged Networking

8 min Metasploit

Metasploit 4.7's New MetaModules Simplify Security Testing

Even when offensive security techniques have been publicly discussed at conferences and proof of concept code or open source tools are available, using them in your projects can be very time consuming and may even require custom development. Metasploit Pro 4.7 now introduces MetaModules, a unique new way to simplify and operationalize security testing for IT security professionals. MetaModules automate common yet complicated security tests that provide under-resourced security departments a mor

3 min Microsoft

Microsoft EMET 4.0 might be the best enterprise security tool you're not using yet

Cross-posted from dangerous.net [http://blog.dangerous.net/2013/04/microsofts-emet-40-free-enterprise.html] Last week Microsoft announced [http://blogs.technet.com/b/srd/archive/2013/04/18/introducing-emet-v4-beta.aspx] their 4.0 beta release of EMET (Enhanced Mitigation Experience Toolkit). If you are responsible for securing Windows systems, you should definitely be looking at this free tool if you haven't already. EMET is a toolkit provided by Microsoft to configure security controls on Wi

2 min PCI

Do You (Un)knowingly Exfiltrate?

A few weeks ago, Twitter was buzzing about new and interesting Google Hacks. If you've been visiting this community for more than one day, you'll probably know this already; a Google Hack is a search query that produces some type of unauthorized access to (supposedly) protected data. In this latest iteration, the query is used to disclose private SSH keys stored on GitHub [https://github.com/search?q=size:%3E1+path:.ssh/id_rsa&type=Code&ref=searchresults]. Of course, this problem isn't limited

3 min Metasploit

Weekly Update: Splitting DNS Modules and a D-Link Auth Bypass

DNS Module Split up This week, we appear to have a whole bunch of new DNS-based enumeration and information gathering modules. In fact, this was actually more of a housekeeping chore, largely by longtime Metasploit contributor Carlos @darkoperator [https://twitter.com/darkoperator] Perez. Darkoperator wrote most of the original enum_dns [https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/enum_dns.rb] module as well. enum_dns became a bit of a junk drawer of DNS

1 min Metasploit

Whiteboard Wednesday - Password Auditing with Metasploit

This week's Whiteboard Wednesday features our own http://www.rapid7.com/resources/videos/password-auditing-with-metasploit.jsp David Maloney [https://community.rapid7.com/people/thelightcosine], speaking about password auditing techniques with Metasploit. He details three quick and easy techniques for auditing in this clip including: * Brute forcing/online attacks * Hash Cracking/offline attacks * Password Recovery This clip aims to give you a good overview about just how much risk your'

1 min Metasploit

Twitter Hacked - 250,000 Passwords Exposed

In what's become a common headline of late, yet another incredibly popular web destination has admitted it's been compromised.  This time, it's our favorite 140 word limited blog - Twitter. [https://twitter.com/] On their blog [http://blog.twitter.com/2013/02/keeping-our-users-secure.html] posted this past Friday, the Tweeps had this advice to their users: "Though only a very small percentage of our users were potentially affected by this attack, we encourage all users to take this opportunit

2 min Metasploit

Introduction to Metasploit Hooks

Metasploit provides many ways to simplify your life as a module developer. One of the less well-known of these is the presence of various hooks you can use for processing things at important stages of the module's lifetime. The basic one that anyone who has written an exploit will be familiar with is exploit, which is called when the user types the exploit command. That method is common to all exploit modules. Aux and post modules have an analogous run method. Common to all the runnable modules

8 min Metasploit

The Odd Couple: Metasploit and Antivirus Solutions

I hear a lot of questions concerning antivirus evasion with Metasploit, so I'd like to share some of the information critical to understanding this problem. This blog post is not designed to give you surefire antivirus (AV) evasion techniques, but rather to help you understand the fundamentals of the issue. A Quick Glossary Before we begin, let's define a few terms. This will be important for understanding some of the things we will discuss. Payload: A payload is the actual code that is being del

3 min Nexpose

Introducing Nexpose 5.5 - CIS, USGCB 2, Enhanced Reporting, and Data Scalability

For those of you that don't know me, I head up the Nexpose engineering team, and we are excited to introduce the latest release, Nexpose 5.5. This release focuses on meeting three big needs that we've heard about from our customers. The first is configuration assessment. This is a big deal for organizations that are subject to regulatory or internal standards that require confirmation of specific configurations of IT assets, such as USGCB 2.0. For those organizations, proving compliance is pain

5 min Nexpose

Nexpose Community Edition Lab | Scanning & Reports

In the previous blog post [/2012/06/28/using-nexpose-at-home-theory], we walked through creating a virtual machine and installing Nexpose Community for use in a small lab environment.  In this post, we'll highlight key features of Nexpose, run Discovery and Vulnerability scans and finally generate a report to assist with remediating those pesky vulnerabilities. To log into your Nexpose Console, open your browser and navigate to: https://localhost:3780 [https://localhost:3780/], then input th

2 min Networking

Man on the SecurityStreet - UNITED Day 2

Day two here at the UNITED Security Summit, and I'm starting off the day with a presentation by Rapid7's own rockstar, HD Moore. HD's presentation entitled "An Evil World," was an in-depth look at the Critical.IO project he's working on, and how he's currently scanning the entire Internet in order to make our own corner of it safer. The term "Myopia," stuck with me during his speech, as the entire push behind this project is to proactively worry about the security of other systems - instead of

1 min Metasploit

UNITED Security Summit - Your Man on the Street

Hello all, I'm Patrick Hellen, the Community Manager for SecurityStreet. This week, I'm going to be coming to you live from the San Francisco show floor of the UNITED Security Summit, giving my impressions of what's happening at the event over the next week. I'll be speaking about everything, from the topics in the various talk tracks, to the sheer amount of fun at the party. I'll also be hijacking the Rapid7 Twitter feed for the next few days - to make sure you're up to date on my random path

3 min Networking

Weekly Metasploit Update: SAP, MSSQL, DNS, and More!

Zone Transfers for All This week, Metasploit community contributor bonsaiviking [https://github.com/bonsaiviking] fixed up the DNS library that Metasploit uses so we won't choke on some types of zone transfer responses. Turns out, this is a two-year-old bug [https://dev.metasploit.com/redmine/issues/507], but DNS servers that actually offer zone transfers are so rare any more that this bug didn't manifest enough to get squashed. This brings me to a larger point -- with older vulnerabilitie

4 min Networking

SOC Monkey - Week in Review - 8.13.12

Welcome back Monkeynauts, It's Monday, so that means I'm going to tell you to download my App [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8], from the Apple App Store [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8], before launching into the top stories the Pips found interesting last week. Let's take a look, shall we? Let's start this week with something that might hit close to home for several of you, including your favorite Monkey twitter aggregate: Blizzard's B

4 min Networking

SOC Monkey - Week in Review - 8.6.12

Monkeynauts, It's good to have you back. If this is your first time here, feel free to check out where I'm getting all my stories by downloading my App [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8] from the Apple App Store [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8]. Let's take a quick trip back to some of the big news from earlier this summer, and discuss LinkedIn again: LinkedIn: Breach Cost Up to $1M, Says $2-3 Million in Security Upgrades Coming. [http://w