2 min
Penetration Testing
This One Time on a Pen Test: Playing Social Security Slots
This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie during Rapid7 penetration testing engagements.
5 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 8/7/20
Metasploit 6 initial features and active development, the 2020 open-source security meetup (OSSM), four new modules, and the longest list of enhancements and fixes we've ever written in one sitting.
3 min
Penetration Testing
The Importance of Pen Testing for Startups
Recently, we sat down with Intenseye's Sercan Esen and Serhat Cillidag to discuss developing robust security programs for startup environments.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 6/5/20
vBulletin, WordPress, and WebLogic exploits, along with some enhancements and fixes.
3 min
Risk Management
Meet AttackerKB
Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/10/20
Meterpreter bug fixes and five new modules, including an LPE exploit for SMBghost (CVE-2020-0796) and a BloodHound post module that gathers information (sessions, local admin, domain trusts, etc.) and stores it as a BloodHound-consumable ZIP file in Framework loot.
4 min
Penetration Testing
Lessons Learned from an Unlikely Path to My OSCP Certification
In this blog, our own Patrick Laverty discusses lessons learned from his path to a Offensive Security Certified Professional (OSCP) certification.
5 min
Penetration Testing
Ask a Pen Tester Q&A, Part 2: Everything You Need to Know About the Art of Penetration Testing
We sat down with our own penetration testers to answer some of your questions about what exactly pen testing entails.
3 min
Penetration Testing
What You Need to Know to Get Started in the Penetration Testing Field
In this blog, we sat down with our own penetration testers to answer some of your questions to help get you started in the field.
7 min
Penetration Testing
This One Time on a Pen Test, Halloween Edition: An Ode to Our Favorite Pen Tester Disguises
In honor of Halloween, we wanted to celebrate by sharing a few of our Rapid7 pen testers’ costumed crusades.
2 min
Penetration Testing
This One Time on a Pen Test: “Let Me Get That for You”
In this blog, we discuss how our team successfully gained access to a client's physical building in an unlikely way.
1 min
Penetration Testing
This One Time on a Pen Test: Our Accidental Win
In this blog, we recall one pen test where a placeholder password we put in actually worked with one login account.
1 min
Penetration Testing
This One Time on a Pen Test: What’s in the Box?
Here is the story of how one of our penetration testers exploited ExternalBlue on a rogue access point.
2 min
Penetration Testing
This One Time on a Pen Test: The Pizza of Doom
Here is the story of how I bypassed physical security controls by posing as a pizza delivery guy and showing up to my client site with a pizza pie.
2 min
Penetration Testing
This One Time on a Pen Test: Your Mouse Is My Keyboard
In one engagement, we were tasked with compromising the internal network of a facility that was used for medical trials. Here's what happened.