Posts tagged Penetration Testing

3 min Penetration Testing

This One Time on a Pen Test: “Let Me Get That for You”

In this blog, we discuss how our team successfully gained access to a client's physical building in an unlikely way.

1 min Penetration Testing

This One Time on a Pen Test: Our Accidental Win

In this blog, we recall one pen test where a placeholder password we put in actually worked with one login account.

2 min Penetration Testing

This One Time on a Pen Test: What’s in the Box?

Here is the story of how one of our penetration testers exploited EternalBlue on a rogue access point.

2 min Penetration Testing

This One Time on a Pen Test: The Pizza of Doom

Here is the story of how I bypassed physical security controls by posing as a pizza delivery guy and showing up to my client site with a pizza pie.

2 min Penetration Testing

This One Time on a Pen Test: Your Mouse Is My Keyboard

In one engagement, we were tasked with compromising the internal network of a facility that was used for medical trials. Here's what happened.

2 min Penetration Testing

This One Time on a Pen Test: Nerds in the NERC

Here is the story of how we gained access to a NERC CIP control room in a power plant as part of a penetration testing engagement.

3 min Penetration Testing

This One Time on a Pen Test: Missed a Spot

In this penetration testing story, Ted Raffle discusses how even strong security controls and threat mitigation can miss the mark when only one or two systems fall through the cracks.

13 min Penetration Testing

Ask a Pen Tester: Q&A with Rapid7 Penetration Tester Aaron Herndon

Recently, we gave our customers the opportunity to ask members of our penetration testing services team any burning questions they have.

2 min Penetration Testing

This One Time on a Pen Test: How I Compromised a Healthcare Portal Before My Hot Cocoa Went Cold

Here is the story of how I used a simple SQL injection attack to compromise a healthcare portal.

2 min Under the Hoodie

This One Time on a Pen Test: Paging Doctor Hackerman

In this blog, one of our penetration testers tells the story of how he hacked an X-ray machine and got the keys to the entire network.

2 min Research

[Research] Under the Hoodie, 2019 Edition: Lessons Learned from 180 Penetration Tests

Our 2019 Under the Hoodie report covers the measurable results of about 180 penetration tests conducted by Rapid7. Find out what we learned.

3 min Rapid7 Perspective

How to Start a Career in Cybersecurity: From Stay-at-Home Mom to Security Pro-in-Training

My name is Carlota Bindner, and here is my story on how I went from being a stay-at-home mom and community volunteer to participating in Rapid7's Security Consultant Development Program.

3 min Phishing

Lessons from a Pen Test: The Power of a Well-Researched and Well-Timed Phishing Email

On a recent pen test, Steve Laura saw just how effective phishing emails can be with the right research and timing.

3 min Penetration Testing

No DA? No Problem! How Attackers Can Access Sensitive Data without Escalated Privileges

When pen testers look at your network, one of their main goals is privilege escalation. However, there are still plenty of ways to access sensitive data without this access.

4 min Penetration Testing

Why a 17-Year Veteran Pen Tester Took the OSCP

Why would a 17-year veteran penetration tester undergo the somewhat costly, time-consuming, and challenging ordeal to obtain what may be considered an entry-level certification?