3 min
How to Use Metasploit Teradata Modules
As penetration testers, we often find ourselves working with applications and
services that are new to us or uncommon. In one such case, I performed an
internal network penetration test that was focused exclusively on a handful of
Teradata database servers. To test for weak passwords, I had cobbled together a
Windows batch file that would wrap username and password lists around Teradata’s
bteq application. However, one thing I wanted to do was come back sometime and
build a proper Metasploit log
3 min
Azure
Azure Security Center and Active Directory Now Integrate with the Rapid7 Platform
Today, we announced
continued, more comprehensive development of the integration between the Rapid7
Insight platform and Microsoft Azure.
A new integration with Azure Security Center makes it easy to deploy the Rapid7
unified Insight Agent across new and existing Azure Virtual Machines. This
automated deployment enables InsightVM customers to maintain constant visibility
into the assets, vulnerabilities, and
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 7/13/18
Committing to some shells in GitList
Shelby has been killing it with new exploit and
aux modules by the day. In this iteration, she's produced an exploit
for GitList 0.6.0
and likely older versions. The software is built on PHP and allows users to view
a Git repo on the web. Through an argument injection, a fake pager
can be executed... that is really
our shell
13 min
Your Black Hat 2018 Survival Guide
Our security team knows a thing or two about conquering a conference – making
the most out of the day and night. So the team got together to share their
personal recommendations on things to do and things to know in this handy Black
Hat 2018 Survival Guide.
We’ve got you covered on all things Black Hat.
* Getting Around – Monorail, shuttle services, and hotels
* Where to Party – The full list of official and unofficial parties
* Recoup and Recover – There are a ton of spots to escape the c
5 min
Penetration Testing
How to Build Your Own Caller ID Spoofer: Part 2
In Part 1 , we
talked about the need for organizations to test their security programs by
performing social-engineering campaigns with their employees so they can
understand employee susceptibility to these kinds of tactics, the potential
impact to the organization of this kind of attack, and develop methods of
defending against a real attack. We spoke about the need for accurately
simulating threat actors by setting up an Asterisk PBX
4 min
SOAR
Building a Tech Stack to Enable Security Orchestration and Automation
In this blog post, we explore how to plan for security orchestration and automation while building out your technology stack. Learn more.
5 min
Threat Intel
How to Automate Identifying and Take Down Malicious Social Media Profiles
Here is how Rapid7 has automated the process of identifying and taking down fake social media profiles to help companies proactively identify these scams.
1 min
Metasploit
Metasploit Wrapup 7/6/18
New Modules
Exploit modules (3 new)
* Nagios XI Chained Remote Code Execution
by Benny Husted , Cale Smith
, and Jared Arave
, which exploits CVE-2018-8736.
Monitor this series of unfortunate events all the way to magical shells.
* Boxoft WAV to MP3 Converter v1.1 Buffer Overflow
3 min
Threat Intel
15 Technologies and Tools Commonly Used in Dark Web Black Markets
Here is our list of 15 common technologies and tools used by cybercriminals to access and communicate via the dark web.
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 6/29/18
Moar Power
OJ Reeves added
two new PowerShell
transport functions to Metasploit payloads and made modifications to the
PowerShell transport binding functionality. The aptly-named Add-TcpTransport
function adds an active TCP transport to the current session and the
Add-WebTransport function adds an HTTP/S transport to the current session. These
functions are fully documented, allowing the user to leverage the Ge
3 min
Automation and Orchestration
Do You Need Coding Resources on Your Security Team?
Often when security teams think about security automation, they worry they don’t
have the coding capabilities needed to create, implement, and maintain it.
Pulling development resources from the IT team or engineering department can
take time; backlogs are long, and revenue-generating projects tend to take
priority. Another option is to hire an IT consultant, but this can be pricey and
may not be sustainable long-term.
Instead, some security teams try to find the coveted “unicorn:” a security p
3 min
Kubernetes Security
Analyzing Activity on Kubernetes Ports: Potential Backdooring Through the Kubelet API
Recently at Rapid7 Labs, we’ve noticed an increase in activity on ports related
to the management of a Kubernetes
cluster. In this
post, we provide background context to Kubernetes and how it relates to the
issues we see, as well as offer some guidance for securing a Kubernetes cluster.
These days, more and more people are deploying their software using container
services such as Docker. Containers make it easy for developers to replica
3 min
Application Security
Why Mastering Application Security Basics Matters
In a recent conversation with a Rapid7 application security customer, I was
reminded how much of a security practitioner’s day can be consumed by
troubleshooting buggy tools and manually executing the same tasks over and over
again (needlessly, may I add). As much as we’d like to think that security
professionals’ time is being efficiently utilized, oftentimes inadequate tools,
a lack of automation, and organizational silos impede SecOps-driven progress. As
an application security vendor, we lik
2 min
InsightIDR
Deception Technology in InsightIDR: Setting Up Honeypots
In order to overcome the adversary, we must first seek to understand. By
understanding how attackers operate, and what today’s modern network looks like
from an attacker’s perspective, it’s possible to deceive an attacker, or at
least have warning around internal network compromise. Today, let’s touch on a
classic deception technology
that continues to
evolve: the honeypot.
Honeypots are de
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 6/22/18
Welcome to another installment of the week! This installment features a new
ETERNALBLUE module in everyone's favorite reptile-brain language, Python!
Sporting support for Windows 8 and 10, it has everything you need, including
immutable strings and enforced whitespace.
In other Windows 10 news, chervalierly fixed an
annoying bug in rex-powershell that prevented PsExec from working on later
versions of Windows 10. Now, you can PsExec to your heart’s content. Go f