1 min
Metasploit
Announcement: End of Life for Metasploit Express Edition
Today, June 4th, 2018, Rapid7 announced that Metasploit Express edition will see
end of life on June 4th, 2019. This is being done to focus efforts on
Metasploit Pro, which continues to be a major investment for Rapid7 and will
consistently see new innovations.
Milestone | Description | Date
End of life announcement date | The date that the end of life date has been announced to the general public. | June 4th, 2018
Last date of support | The last da
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup 6/1/18
Upgrade Your SOCKS
Thanks to zeroSteiner, we have some very nice additions to the SOCKS5 library
this week. His changes enabled BIND connections through the SOCKS5 proxy,
improved automated testing around the code, and broke it up into more
manageable, targeted submodules. Now that Trevor’s dying wish has been
fulfilled, the team can finally leave
6 min
Managed Detection and Response (MDR)
Managed Threat Detection and Response Vendors: Questions You Need to Ask
In this post, Wade Woolwine, managed services director of technology at Rapid7,
details our approach to managed detection and response: visibility, analytics,
and arming our analysts with smart, customizable automation.
Defending the modern enterprise is hard work. Between the need for
round-the-clock coverage, technology to provide full visibility across the
expanding enterprise, a highly skilled and experienced team, and the business
level pressure to “prevent a breach,” there is little wonde
4 min
InsightVM
How to Streamline Your Vulnerability Remediation Workflows with InsightVM Projects
If you’re like many security practitioners, you spend a lot of time working with
spreadsheets. Whether you’re trying to prioritize your findings or distribute
work to remediation teams, an all-too-common workflow is to export this data
into a spreadsheet to then be sorted, filtered, copied, and distributed.
This tedious, manual effort seems to be the standard for vulnerability
management programs everywhere, but with our vulnerabil
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 5/25/18
Bonjour!
Que désirez-vous?
We want to know what you'd like to see out of our latest Metasploit
improvements. Please take a moment to fill out our community survey to help
shape Metasploit's new backend data service. Tell us how you use the Metasploit
database, which Metasploit data you use with other tools, how you need to store
data from modules you've written, and so on. Please take our survey!
3 min
What the Heck is Drive-By Cryptomining?
It sounds like a cross between a slightly terrifying violent gang activity and a
silly metaphor for drudgery. Actually, that’s about right.
Let’s start with the cryptomining part. For the uninitiated, cryptomining is
the process of doing computing work to earn cryptocurrency.
The basis of cryptocurrency is a shared cryptographic ledger. You need a lot of
computing power to process the
6 min
Penetration Testing
How to Build Your Own Caller ID Spoofer: Part 1
Purpose
Organizations with mature security programs often test their own internal
awareness programs by performing social engineering campaigns (e.g., telephone
pretexting) on their personnel. These may include hiring third-party consulting
companies as well as performing internal tests. These tests should strive to be
as real-world as possible in order to accurately simulate a malicious actor and
learn from employees’ reactions and ascertain the level of risk they pose to the
organization.
Spo
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 5/18/18
You Compile Me
Our very own wchen-r7 added the ability to compile C code in Metasploit,
including (select) dependencies, by creating a wrapper for metasm. Right now,
support for windows.h is the first salvo in custom compiling tools within the
Metasploit interface!
Hack all the things!
For a long time, people have asked us to support RHOSTS in exploits just like we
do in AUX modules. We listened, and now framework exploits support RHOSTS! Set
your exploit, your
1 min
Phishing
Whiteboard Wednesday: The Two Components of Phishing Protection Your Security Strategy Needs
You’re no stranger to the threat of phishing. It’s everywhere, and plays a role
in 92% of breaches, according to the Verizon Data Breach Digest.
Last month, during the first installment of our phishing Whiteboard Wednesday
series, we talked about the key components of an anti-phishing program, and this
month we’re continuing the series by diving even deeper
2 min
InsightIDR
Rapid7 Quarterly Threat Report: 2018 Q1
Spring is here, and along with the flowers and the birds, the pollen and the
never-ending allergies, we bring you 2018’s first Quarterly Threat Report!
For the year’s inaugural report, we pulled an additional data set: significant
events.
While we like to look at trends in alerts over time, there is almost never a
one-alert-per-incident correlation. Adversary actions involve multiple steps,
which generate multiple alerts, and aft
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 5/11/18
Chaining Vulnerabilities
Philip Pettersson discovered vulnerabilities in certain PAN OS versions that
could lead to remote code execution, and hdm wrote a Metasploit module for the
exploit chain. The exploit chain starts off with an authentication bypass,
which allows the module to access a
page that is vulnerable to an XML injection. This page is then used to create a
directory where a pay
4 min
InsightIDR
Unifying Security Data: How to Streamline Endpoint Detection and Response
Collecting data from the endpoint can be tedious and complex (to say the least).
Between the data streaming from your Windows, Linux, and Mac endpoints, not to
mention remote authentication and the processes running on these assets, there
is a lot of information to gather and analyze. Unless you have a deep knowledge
of operating systems to build this yourself—or additional budget to add these
data streams to your SIEM tool—it may not be feasible for y
3 min
Penetration Testing
Password Tips From a Pen Tester: 3 Passwords to Eliminate
Every week, Rapid7 conducts penetration testing services for organizations that
crack hundreds—and sometimes thousands—of passwords. Our current password trove
has more than 500,000 unique passwords that have been collected over the past
two years. Where do these come from? Some of them come from Windows domain
controllers and databases such as MySQL or Oracle; some of them are caught on
the wire using Responder, and some are pulled out of memory wi
3 min
CIS Controls
Critical Control 16: Account Monitoring and Control
This is a continuation of our CIS critical security controls blog series, which
provides educational information regarding the control of focus as well as tips
and tricks for consideration. See why SANS listed Rapid7 as the top solution
provider addressing the CIS top 20 controls.
What is CIS Critical Control 16?
In the world of InfoSec, the sexy stuff gets all the attention. Everybody wants
the latest and greatest next-gen produc
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 5/4/18
May the fourth be with you…
Get comfortable, put on your headphones or turn up your speaker volume, and
enjoy this guitar rendition of the Ewok Celebration, commonly known as Yub Nub,
while catching up on Metasploit updates for the week.
PHP Debugging
Xdebug is an extension for PHP to facilitate development by providing
interactive debugging capabilities and much more. On an