Posts tagged Open Source

4 min Detection and Response

Velociraptor Version 0.6.5: Table Transformations, Multi-Lingual Support, and Better VQL Error-Handling Let You Dig Deeper Than Ever

Rapid7 is pleased to announce the release of Velociraptor version 0.6.5 – an advanced, open-source digital forensics and incident response (DFIR) tool.

1 min Security Nation

[Security Nation] Steve Micallef of SpiderFoot on Open-Source Intelligence

In this episode, Jen and Tod chat with Steve Micallef about SpiderFoot, the open-source intelligence tool of which he is the creator and founder.

1 min Security Nation

[Security Nation] Phillip Maddux on HoneyDB, the Open-Source Honeypot Data Project

In this episode, Jen and Tod chat with Phillip Maddux about HoneyDB, a site that collates data from honeypots around the world in an open-source format.

2 min Security Nation

[Security Nation] Jim O’Gorman and g0tmi1k on Kali Linux

In this episode of Security Nation, Jen and Tod sit down with Jim O’Gorman and Ben “g0tmi1k” Wilson of Offensive Security to chat about Kali Linux.

7 min Detection and Response

Velociraptor Version 0.6.4: Dead Disk Forensics and Better Path Handling Let You Dig Deeper

Rapid7 is pleased to announce the release of Velociraptor version 0.6.4 – an advanced, open-source digital forensics and incident response (DFIR) tool.

3 min Vulnerability Management

An Inside Look at CISA’s Supply Chain Task Force

In this guest post, Rapid7 customer Chad Kliewer writes about his experience on CISA's new task force created to enhance supply chain resilience.

1 min Security Nation

[Security Nation] Matthew Kienow on Open-Source Security and the Recog Framework

In this episode of Security Nation, Jen and Tod chat with Matthew Kienow, Senior Software Engineer at Rapid7, about open-source security.

4 min Research

Evolving How We Share Rapid7 Research Data

Our goal for Open Data has been to enable others to participate in these efforts, increasing the positive impact across the community.

2 min Security Nation

[Security Nation] Mike Hanley of GitHub on the Log4j Vulnerability

In our first episode of Security Nation Season 5, Jen and Tod chat with Mike Hanley, Chief Security Officer at GitHub, all about the major vulnerability in Apache’s Log4j logging library.

3 min Research

Open-Source Security: Getting to the Root of the Problem

The past few weeks have shown us the importance and wide reach of open-source security.

3 min Metasploit

Metasploit Wrap-Up

GitLab RCE New Rapid7 team member jbaines-r7 [https://github.com/jbaines-r7] wrote an exploit targeting GitLab via the ExifTool command. Exploiting this vulnerability results in unauthenticated remote code execution as the git user. What makes this module extra neat is the fact that it chains two vulnerabilities together to achieve this desired effect. The first vulnerability is in GitLab itself that can be leveraged to pass invalid image files to the ExifTool parser which contained the second v

4 min Detection and Response

Security at Scale in the Open-Source Supply Chain

Securing supply chains based on open-source software requires scalable vulnerability management and vigilant monitoring.

13 min Vulnerability Disclosure

Multiple Open Source Web App Vulnerabilities Fixed

While it's never great to learn of new vulnerabilities in your own product, all three project maintainers accepted, validated, and provided fixes for these vulnerabilities within one day, which is amazing when it comes to vulnerability disclosure.

3 min News

Rapid7 and Velociraptor Join Forces

Rapid7 has acquired a digital forensics and incident response (DFIR) framework called Velociraptor.

3 min Vulnerability Risk Management

Meet AttackerKB

Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.