Under the Hoodie 2019

Research, stories, and findings from Rapid7 penetration tests

Pinpoint Your Problem Areas with the Pros

With our “Under the Hoodie” report revealing that 96% of penetration testing engagements saw at least one vulnerability exposed to attackers, it’s clear that penetration testing remains an essential component of a holistic vulnerability management strategy. With Rapid7 penetration testing services, you get a real-world view of how attackers could exploit your vulnerabilities, along with guidance on how to stop them.

Test your skills or hire a professional.

So You Think You Can Hack...

Our latest Under the Hoodie report shows that social engineering is here to stay for attackers. Whether you’re a pen tester or a security pro, these are the attack techniques you need to be aware of when shoring up (or testing) your defenses.

Ready to show off your skills? Good luck!

Note the URI prefix associated with each “attachment.” The first image (A) has the URI with the familiar https://mail.google prefix. The second image (B) isn’t actually an attachment at all, but an image with a web link. Attackers (or pen testers) may use lookalike graphics, images, and links to lull recipients into a false sense of safety, so that they click on corrupt files or are led to lookalike domains where they hand over credentials into hackers’ waiting hands.

Some See a Hacker. We See an Expert.

Rapid7 offers our cloud SIEM, InsightIDR, as well as a range of penetration testing services to meet the needs of security and IT professionals. Let us show you how we leverage industry and attacker knowledge to help you bolster your defenses.

Dig into the Dark Art

This One Time on a Pen Test: “Let Me Get That for You”
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2019 Under the Hoodie report. I was sent...
Trevor O'Donnal
Oct 04, 2019
This One Time on a Pen Test: Our Accidental Win
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2019 Under the Hoodie report. One day,...
Ted Raffle
Sep 25, 2019
This One Time on a Pen Test: What’s in the Box?
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2019 Under the Hoodie report. Recently,...
Ted Raffle
Sep 19, 2019

More Rapid7 Research

At Rapid7, our researchers wear many hats, not just hoodies. Be sure to check out more of our research to see the latest and greatest in the security world.
