Posts tagged Open Source

4 min Detection and Response

Security at Scale in the Open-Source Supply Chain

Securing supply chains based on open-source software requires scalable vulnerability management and vigilant monitoring.

13 min Vulnerability Disclosure

Multiple Open Source Web App Vulnerabilities Fixed

While it's never great to learn of new vulnerabilities in your own product, all three project maintainers accepted, validated, and provided fixes for these vulnerabilities within one day, which is amazing when it comes to vulnerability disclosure.

3 min News

Rapid7 and Velociraptor Join Forces

Rapid7 has acquired a digital forensics and incident response (DFIR) framework called Velociraptor.

3 min Vulnerability Risk Management

Meet AttackerKB

Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Three new modules, including a post module to automate the installation of an embeddable Python interpreter on a target, and a new exploit for Microsoft SharePoint Workflows.

22 min Research

DOUBLEPULSAR RCE 2: An RDP Story

In this sequel, wvu [https://github.com/wvu-r7] recounts the R&D (in all its imperfect glory) behind creating a Metasploit module for the DOUBLEPULSAR implant's lesser-known RDP variant. If you're unfamiliar with the more common SMB variant, you can read our blog post [/2019/10/02/open-source-command-and-control-of-the-doublepulsar-implant/] detailing how we achieved RCE with it.

3 min API

Analyzing Activity on Kubernetes Ports: Potential Backdooring Through the Kubelet API

Recently at Rapid7 Labs, we’ve noticed an increase in activity on ports related to the management of a Kubernetes [https://kubernetes.io/] cluster. In this post, we provide background context to Kubernetes and how it relates to the issues we see, as well as offer some guidance for securing a Kubernetes cluster. These days, more and more people are deploying their software using container services such as Docker. Containers make it easy for developers to replicate programming environments in dev

4 min Metasploit

Introducing RubySMB: The Protocol Library Nobody Else Wanted To Write

The Server Message Block (SMB) protocol family is arguably one of the most important network protocols to be conversant in as a security professional. It carries the capability for File and Print Sharing, remote process execution, and an entire system of Named Pipes that serve as access points to any number of services running on a machine, such as Microsoft SQL Server. For users of Metasploit [https://rapid7.com/products/metasploit/], they will know SMB as the protocol used for PSExec [https:/

2 min Windows

Metasploit Framework Open Source Installers

Rapid7 has long supplied universal Metasploit installers for Linux and Windows. These installers contain both the open source Metasploit Framework as well as commercial extensions, which include a graphical user interface, metamodules, wizards, social engineering tools and integration with other Rapid7 tools. While these features are very useful, we recognized that they are not for everyone. According to our recent survey of Metasploit Community users, most only used it for the open source comp

3 min Metasploit

12 Days of HaXmas: Metasploit, Nexpose, Sonar, and Recog

This post is the tenth in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements and events in the Metasploit Framework over the course of 2014. The Metasploit Framework uses operating system and service fingerprints for automatic target selection and asset identification. This blog post describes a major overhaul of the fingerprinting backend within Metasploit and how you can extend it by submitting new fingerprints. Historically, Metasploit wasn't great at fin

4 min Open Source

12 Days of HaXmas: Metasploit Yearly Wrapup

This post is the seventh in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements and events in the Metasploit Framework over the course of 2014. Since today happens to be the last day of the year, let's take a moment to reflect on another year of amazing Metasploit exploit development, and see what we've all been up to over the course of 2014. Of course, when I say "we," I really do mean all of us -- if you're reading this blog, more likely than not, you're par

3 min Open Source

Metasploit Weekly Update: On Breaking (and Fixing!) Security Software

Attacking Security Infrastructure This week, one module stands out for me: the Symantec Endpoint Protection Manager Remote Command Execution [http://www.metasploit.com/modules/exploit/windows/antivirus/symantec_endpoint_manager_rce] by xistence [https://github.com/xistence], who built on the proof-of-concept code from Chris Graham [http://www.exploit-db.com/exploits/31853/], who turned that out after Stefan Viehbock's disclosure from last week. You can read the full disclosure text from SEC Co

5 min Open Source

Weekly Update: OpSec in Open Source Projects

The weekly Metasploit update is out, and I wanted to highlight three modules that landed in the last week, all of which target open source software. It's easy to drink the FOSS Kool-Aid, and talk about how it's more inherently secure than secret source software, but sadly, security is Hard Work, even in happy-hippie open source land. OpenX Backdoored First, a little background -- Heise Security reported that the OpenX open source ad server got itself backdoored [http://www.heise.de/security/mel

0 min Metasploit

SecureNinjaTV Interview: Tod Beardsley About Metasploit 10th Anniversary

At Black Hat 2013 in Vegas this year, our very own Tod Beardsley was cornered by SecureNinja TV and social engineered into giving an interview. Here is the result - captured for eternity: [http://www.youtube.com/watch?v=yFHA5F2crFE&feature=youtu.be]

5 min Exploits

Security Death Match: Open Source vs. Pay-for-Play Exploit Packs

In the blue corner: an open-source exploit pack. In the red corner: a pay-for-play incumbent. As a security professional trying to defend your enterprise against attacks, which corner do you bet on for your penetration tests? What's the goal of the game? Okay, this is a loaded question, because it really depends on what your goal is. If you are like 99% of enterprises, you'll want to protect against the biggest and most likely risks. If you are the 1% that comprise defense contractors and the