Incident Response Services
Penetration Testing Services
IoT Security Services
Training & Certification
Managed Vulnerability Management
Managed Application Security
Managed Detection & Response
Find a Partner
Rapid7 Insight is your home for SecOps, equipping you with the visibility, analytics, and automation you need to unite your teams and amplify efficiency.
Insight Platform Overview Try Now
User Behavior Analytics & SIEM
Orchestration & Automation
Need a hand with your security program? From planning and strategy to full service support, our experts have you covered.
Need immediate help with a breach?
DoublePulsar is an implant leaked by the ShadowBrokers group earlier this year that enables the execution of additional malicious code. It's commonly delivered by the EternalBlue exploit, and is most famous from its recent use to deploy the Wanna Decryptor 2.0 (WannaCry) ransomware. Even with industry leading AV, IDS, and VM solutions, DoublePulsar attacks have been proven difficult to prevent and detect.
But have no fear. Rapid7’s security solutions are uniquely able to detect and prevent the use of the DoublePulsar implant. Metasploit Pro can quickly identify vulnerable systems, InsightIDR can detect suspicious windows service payloads like DoublePulsar, and InsightVM can help you identify which systems are vulnerable to exploits like EternalBlue, as well as create a remediation plan to get them fixed quickly.
Below, get a free trial of Metasploit Pro to see quickly if your systems are vulnerable. We've also compiled a number of resources to help you take immediate action to prepare for and defend against DoublePulsar.
Find out with a free Metasploit Pro trial
All fields are mandatory.
Use Metasploit Pro to identify vulnerable systems: MS17-010 SMB RCE Detection
Use the EternalBlue exploit in Metasploit Pro to verify vulnerability: MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
[BLOG] EternalBlue: Metasploit Module for MS17-010Learn about EternalBlue, the exploit commonly used to deliver DoublePulsar.
Wanna Decryptor 2.0 (WannaCry) Explained and Recommended Actions Learn about Wanna Decryptor, the ransomware commonly deployed with DoublePulsar.
[BLOG] The ShadowBrokers Leaked Exploits ExplainedLearn about the ShadowBrokers, the group that leaked DoublePulsar.
We know this is a lot to take in. If you have specific questions or would like further assistance, we're here to help. Please contact us at +1–866–7RAPID7 (Toll Free) or +1–617–247–1717. Get international contact information here.