4 min
Detection and Response
Velociraptor Version 0.6.5: Table Transformations, Multi-Lingual Support, and Better VQL Error-Handling Let You Dig Deeper Than Ever
Rapid7 is pleased to announce the release of Velociraptor version 0.6.5 – an advanced, open-source digital forensics and incident response (DFIR) tool.
1 min
Security Nation
[Security Nation] Steve Micallef of SpiderFoot on Open-Source Intelligence
In this episode, Jen and Tod chat with Steve Micallef about SpiderFoot, the open-source intelligence tool of which he is the creator and founder.
1 min
Security Nation
[Security Nation] Phillip Maddux on HoneyDB, the Open-Source Honeypot Data Project
In this episode, Jen and Tod chat with Phillip Maddux about HoneyDB, a site that collates data from honeypots around the world in an open-source format.
2 min
Security Nation
[Security Nation] Jim O’Gorman and g0tmi1k on Kali Linux
In this episode of Security Nation, Jen and Tod sit down with Jim O’Gorman and Ben “g0tmi1k” Wilson of Offensive Security to chat about Kali Linux.
7 min
Detection and Response
Velociraptor Version 0.6.4: Dead Disk Forensics and Better Path Handling Let You Dig Deeper
Rapid7 is pleased to announce the release of Velociraptor version 0.6.4 – an advanced, open-source digital forensics and incident response (DFIR) tool.
3 min
Vulnerability Management
An Inside Look at CISA’s Supply Chain Task Force
In this guest post, Rapid7 customer Chad Kliewer writes about his experience on CISA's new task force created to enhance supply chain resilience.
1 min
Security Nation
[Security Nation] Matthew Kienow on Open-Source Security and the Recog Framework
In this episode of Security Nation, Jen and Tod chat with Matthew Kienow, Senior Software Engineer at Rapid7, about open-source security.
4 min
Research
Evolving How We Share Rapid7 Research Data
Our goal for Open Data has been to enable others to participate in these efforts, increasing the positive impact across the community.
2 min
Security Nation
[Security Nation] Mike Hanley of GitHub on the Log4j Vulnerability
In our first episode of Security Nation Season 5, Jen and Tod chat with Mike Hanley, Chief Security Officer at GitHub, all about the major vulnerability in Apache’s Log4j logging library.
3 min
Research
Open-Source Security: Getting to the Root of the Problem
The past few weeks have shown us the importance and wide reach of open-source security.
3 min
Metasploit
Metasploit Wrap-Up
GitLab RCE
New Rapid7 team member jbaines-r7 [https://github.com/jbaines-r7] wrote an
exploit targeting GitLab via the ExifTool command. Exploiting this vulnerability
results in unauthenticated remote code execution as the git user. What makes
this module extra neat is the fact that it chains two vulnerabilities together
to achieve this desired effect. The first vulnerability is in GitLab itself that
can be leveraged to pass invalid image files to the ExifTool parser which
contained the second v
4 min
Detection and Response
Security at Scale in the Open-Source Supply Chain
Securing supply chains based on open-source software requires scalable vulnerability management and vigilant monitoring.
13 min
Vulnerability Disclosure
Multiple Open Source Web App Vulnerabilities Fixed
While it's never great to learn of new vulnerabilities in your own product, all three project maintainers accepted, validated, and provided fixes for these vulnerabilities within one day, which is amazing when it comes to vulnerability disclosure.
3 min
News
Rapid7 and Velociraptor Join Forces
Rapid7 has acquired a digital forensics and incident response (DFIR) framework called Velociraptor.
3 min
Vulnerability Risk Management
Meet AttackerKB
Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.