3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/23/21
New session validation enhancements across command shell types verify sessions have been established and are responsive before they can be used. Plus, JSON RPC service improvements, three new modules, and more fixes and enhancements.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 4/2/21
Six new modules targeting F5, SaltStack, Exchange Server, and more, plus some significant performance improvements and fixes.
4 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: Mar. 19, 2021
A local exploit for a Windows Server 2012 DLL hijacking vulnerability, plus a slew of fixes and improvements.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 12/4/20
It's CTF week(end)! Plus, steal files from Apache Tomcat servers thanks to a new Ghostcat exploit, and dump process memory with a new post module that leverages Avast AV's built-in AvDump utility.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: CSRF to Password Reset Phishing
In the latest edition of our "This One Time On a Pen Test" series, we take a look at an engagement featuring Cross-site request forgery attacks.
1 min
Under the Hoodie
Behind the Scenes: Under the Hoodie 2020 Video Series
In this blog, we take you on a behind-the-scenes look at the making of our 2020 Under the Hoodie video series.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 11/13/20
Four new modules, including an exploit for SaltStack Salt and an exploit for a now-patched vuln in Metasploit, plus new enhancements and fixes.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: How I Hacked a Self-Driving Car
In our latest edition of "This One Time on a Pen Test," we take a deeper look at an engagement involving a self-driving car.
1 min
Penetration Testing
This One Time on a Pen Test: Thanks for Sharing Your Wi-Fi
In this iteration of our "This One Time on a Pen Test" series, our client was a private equity company, and the task was to do an onsite wireless pen test from the lobby outside their office.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: Doing Well With XML
In the latest edition of "This One Time on a Pen Test," we discuss a classic web application engagement involving XML.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: I Know...Everything
In the latest edition of "This One Time on a Pen Test," we follow a Rapid7 penetration tester as they perform an internal network engagement.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: Ain’t No Fence High Enough
In this edition of "This One Time on a Pen Test," we discuss an engagement with for an energy company with a high-fence compound.
2 min
Penetration Testing
This One Time on a Pen Test: How I Outwitted the Vexing VPN
In this edition of "This One Time on a Pen Test," we discuss outwitting the vexing VPN.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: Sep. 11, 2020
Three new modules, including a Pwn2Own addition for OS X, plus proxy support for Python Meterpreter, new search improvements, and a reminder of how to report security issues in Metasploit.
2 min
Penetration Testing
This One Time on a Pen Test: I’m Calling My Lawyer!
In this engagement, Rapid7 pen testers were tasked to identify sensitive information, harvest credentials, and obtain a reverse shell on their machines.