Posts by Dev Mohanty

3 min Metasploit Weekly Wrapup

Metasploit Wrapup

2018: a new year, new vulns, and endless opportunities to exploit them. The Metasploit community is kicking off the year with a variety of new content, functionality, research, and coordinated vulnerability disclosure. New Year, New Vulns After a couple months of coordinated disclosure work, long-time Metasploit contributor Karn Ganeshen [] offered up a handful of modules and a couple mixins for testing wireless routers from Cambium Networks [https://www.cambiumnetwor

2 min Metasploit Weekly Wrapup

Metasploit Wrapup

Metasploit kicked November off to a roaring start with a wholesome dose of RCE, LPE, command injection, DoS, and more fixes/improvements. So many file choosers…but which one to choose? Big ups to @RootUP for the DoS module [] targeting a vulnerability in IBM’s Lotus Notes [] client (CVE-2017-1130). The DoS module targets the web interface via malicious JavaScript (😱). An enterprising ‘sploiter can s

3 min Metasploit

Exploitable Vulnerabilities: A Metasploit-Vulnerability Management Love Story

Integrating InsightVM [] or Nexpose [] (Rapid7's vulnerability management solutions []) with Metasploit [] (our penetration testing solution []) is a lot like Cupid playing “matchmaker” with vulnerabilities and exploit modules [