10 min
Deep Dive Into Stageless Meterpreter Payloads
Metasploit has long supported a mixture of staged and stageless payloads within
its toolset. The mixture of payloads gives penetration testers a huge collection
of options to choose from when performing exploitation. However, one option has
been missing from this collection, and that is the notion of a stageless
Meterpreter payload. In this post, I'd like to explain what this means, why you
should care, and show how the latest update to Metasploit and Meterpreter
provides this funky new feature
5 min
Using Host Tagging in Metasploit for Penetration Testing
Hello my fellow hackers! Tag, you're it!
For today's blog post, I'd like to talk about host tagging a little bit in
Metasploit. If you are a penetration tester, a CTF player, or you just pop a lot
of shells like a rock star, then perhaps this will interest you. If you have
never used this kind of feature, then hopefully this blog post will bring you a
new idea on how to approach host management.
So what is host tagging? Well, the idea is simple really. It's a way to label
your targets and make
7 min
Logentries
The Flexbox Paradigm: CSS3 Layout for Today’s Applications
Introduction
Controlling the layout of web pages and applications has always been a little
tricky. In the beginning, there were almost no mechanisms for page layout, other
than some basic formatting of html tags. We could apply some font styling, add
background colors, and with the use of paragraph’s and line breaks could achieve
some block spacing.
With the introduction and evolution of CSS, it gave us further control, but more
importantly, control over the elements box model. We could now f
3 min
Events
The Return of Rapid7 Rapid Fire: A spirited infosec debate, round 3
The topics: Controversial. The answers: Unfiltered. The alcohol: Plentiful.
I'm talking about Rapid7 Rapid Fire -- it's happening for a third time this June
in Boston. Bonus: This year, It's totally free and open to the public, so please
join us!
What is it?
It's a panel debate where we ask some big names in infosec to argue for or
against a number of controversial topics in our field. To make things
interesting, the panelists are often asked to debate a side of the argument they
might not ev
4 min
Logentries
MongoDB Log Analytics
MongoDB 3.0 is now available! If you are new to MongoDB or upgrading from 2.6,
you will enjoy all of the new features including document-level locking, better
write performance, big memory support, and more. Additionally, to improve
usability of the log messages for diagnosis, MongoDB now categorizes some log
messages under specific components, operations, and provides the ability to set
the verbosity level for these components.
Today, Logentries is launching a new Community Pack for MongoDB
3 min
Weekly Metasploit Wrapup: Stageless Meterpreter and the Revenge of Stuxnet
Stageless Meterpreter
Remember the Metasploit Pop Quiz we ran
about a month back? Well, we got tons of support from you, the Metasploit users,
and have been picking out what you want to see and have started turning those
wishes into reality. I know HD , Brent
, and OJ are
working up a much more exhaustive blog post for next week to lay out what's
going where and
4 min
Securing Credit Lines: Eating Our Own Dogfood
We InfoSec (or cybersecurity) folks, we're full of all kinds of sage wisdom:
“Put a password on your phone, tell it to self destruct after 10 failed
attempts” … check!
“Set up WPA2 on your home network!” … check!
“Install patches as fast as you can!” … (well, as best as I can?) …check!
“Freeze your credit reports!” … static
“Dogfooding ” (verb,
slang) is a term used to reference a scenario in which a company uses its own
product to va
2 min
IT Ops
New Logentries Cookbook for Chef
We have
released our logentries_agent cookbook to supermarket.chef.io
! You can check out the
docs here, or I’ve
developed the following brief tutorial to walk you through how to automate your
installation of the Logentries Linux Agent
in your own infrastructure.
First off, I
2 min
Are you really protected against Group Policy Bypass and Remote Code Execution? MS15-011 & MS15-014
In February, Microsoft published two hotfixes to address issues with Group
Policies.
* Microsoft Security Bulletin MS15-011 - Critical
* Microsoft Security Bulletin MS15-014 - Important
Together, these patches address the following issues:
* CVE-2015-0008 MS15-011: Vulnerability in Group Policy Could Allow Remote
Code
Execution (3000483) | Rapid7
1 min
Patch Tuesday, March 2015
This month Microsoft has released 14 new bulletins, 5 of which are rated as
“Critical” and another 9 as “Important”. As a déjà vu from last month, a
critical remote code execution vulnerability (MS15-018) affecting all supported
Internet Explorer versions (6-11) is being patched, which addresses 12 CVEs. The
patch addresses issues with Internet Explorer's memory management that could
allow the remote corruption of memory and result in the execution of malicious
code as the current user. As alway
4 min
IT Ops
Terminology Nerd War: APM, Log Analysis & More
Just the other day I was hanging out with my developer buddy. We entered what we
thought would be an interesting topic on how you cannot call an environment
“DevOps” without analytics.
But we soon were in a nerd war on what a term meant.
Yes, this is what I talk about in my free time.
!(https://blog.rapid
In the thick of it, we both used the term “Server Monitoring.” But neither of us
were talking about the same thing. I was referring to log man
2 min
InsightIDR
Tracking Web Activity by MAC Address
In this blog post we explore the benefit of tracking web activity by MAC address. Learn more.
5 min
Apple
Top 10 list of iOS Security Configuration GIFs you can send your friends and relatives
Easily share these animated iOS Security tips with friends and relatives!
While iOS is generally considered to be quite secure, a few configuration items
can improve its security.
Some changes have very little functionality impact, while others are more
visible but probably only needed in specific environments.
This guide contains some of the most important, obvious ones, and contains a GIF
for each configuration step to be taken.
If you already know everything about iOS security, use this a
3 min
IT Ops
Why Interoperability is a Key Requirement for Your DevOps Toolkit
Today’s DevOps culture drives the requirement for development and ops teams to
share tooling and to combine lots of different services/processes to give them
visibility into their systems throughout the system life cycle. For example the
modern DevOps toolkit
will consistently include the following categories of tools (and more…):
* APM (e.g. New Relic, AppDynamics, AppNeta, AlertSite)
* Team Communication (e.g. Slack
3 min
IT Ops
Getting Started with the Logentries & Logstash Integration
Logstash is an open source tool for managing events and logs. It is used to
collect, search and store logs for later use. If you are using Logstash to
collect logs from across your infrastructure already, and you are looking for
more sophisticated log analytics tool, you are in the right place.
I will show you how to configure Logstash to forward all your logs to your
Logentries account using the plugin and token
connection.
Prerequisites
* Logstash downloaded and co