Rapid7 Risk Management

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 19 hours ago

  • Metasploit Wrapup

    Faster, Meterpreter, KILL! KILL!You can now search for and kill processes by name in Meterpreter with the new pgrep and pkill commands. They both have flags similar to the older ps command, allowing you to filter by architecture (-a), user (-u), or to show only child processes of the current session's process (-c). We've also added a -x flag to find processes with an exact match instead of a regex...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 19 hours ago

  • The CIS Critical Security Controls Explained – Control 5: Controlled Use of Administrative Privilege

    The ultimate goal of an information security program is to reduce risk. Often, hidden risks run amok in organizations that just aren’t thinking about risk in the right way. Control 5 of the CIS Critical Security Controls can be contentious, can cause bad feelings, and is sometimes hated by system administrators and users alike. It is, however, one of the controls that can have the largest impact o...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 day ago

  • Exploiting Macros via Email with Metasploit Pro Social Engineering

    Currently, phishing is seen as one of the largest infiltration points for businesses around the globe, but there is more to social engineering than just phishing. Attackers may use email and USB keys to deliver malicious files to users in the hopes of gaining access to an organization’s network. Users that are likely unaware that unsolicited files, such as a Microsoft Word document with a macro, m...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 3 days ago

  • Combining Responder and PsExec for Internal Penetration Tests

    By Emilie St-Pierre, TJ Byrom, and Eric Sun Ask any pen tester what their top five penetration testing tools are for internal engagements, and you will likely get a reply containing nmap, Metasploit, CrackMapExec, SMBRelay and Responder.  An essential tool for any whitehat, Responder is a Python script that listens for Link-Local Multicast Name Resolution (LLMNR), Netbios Name Service (NBT-NS) and...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 3 days ago

  • Metasploit's RF Transceiver Capabilities

    The rise of the Internet of ThingsWe spend a lot of time monitoring our corporate networks. We have many tools to detect strange behaviors. We scan for vulnerabilities. We measure our exposure constantly. However, we often fail to recognize the small (and sometimes big) Internet of Things (IoT) devices that are all around our network, employees, and employees’ homes. Somewhat alarmingly – consider...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

  • Metasploit, Google Summer of Code, and You!

    Spend the summer with Metasploit I'm proud to announce that the Metasploit Project has been accepted as a mentor organization in the Google Summer of Code! For those unfamiliar with the program, their about page sums it up nicely:Google Summer of Code is a global program focused on introducing students to open source software development. Students work on a 3 month programming project with an open...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

  • Apache Struts Vulnerability (CVE-2017-5638) Protection: Scanning with Nexpose

    On March 9th, 2017 we highlighted the availability of a vulnerability check in Nexpose for CVE-2017-5638 – see the full blog post describing the Apache Struts vulnerability here. This check would be performed against the root URI of any HTTP/S endpoints discovered during a scan. On March 10th, 2017 we added an additional check that would work in conjunction with Nexpose’s web spider functionality...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

  • Patch Tuesday - March 2017

    Due in part to the delay of February's fixes, today's Patch Tuesday is a big one, comprising 18 bulletins split evenly between "Critical" and "Important" ratings. It's also significant as three of the bulletins (MS17-006, MS17-012, and MS17-013) contain fixes for vulnerabilities that were previously disclosed by external vendors and have exploit code publicly available. Administrators should prior...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

  • Protecting Your Web Apps with AppSpider Defend Until They Can Be Patched

    AppSpider scans can detect exploitable vulnerabilities in your applications, but once these vulnerabilities are detected how long does it take your development teams to create code fixes for them?  In some cases it could take several days to weeks before a fix/patch to resolve the vulnerability can be deployed, and during this time someone could be actively exploiting this issue in your applicatio...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

  • Pen Testing Cars with Metasploit and Particle.io Photon Boards

    TL;DRThis post details how to use the MSFRelay library for Photon boards to write your own Metasploit compatible firmware. Specifically for an add-on called Carloop. If you have a Carloop and just want it to work with Metasploit without having to write any code (or read this) then I’ve also provided the full code as a library example in the Particle library and can be found here. Photons ReadyPart...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

  • R7-2017-01: Multiple Vulnerabilities in Double Robotics Telepresence Robot

    This post describes three vulnerabilities in the Double Robotics Telepresence Robot ecosystem related to improper authentication, session fixation, and weak Bluetooth pairing. We would like to thank Double Robotics for their prompt acknowledgement of the vulnerabilities, and in addressing the ones that they considered serious. Two of the three vulnerabilities were patched via updates to Double Rob...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 week ago

  • Metasploit Weekly Wrapup

    The last couple of weeks in the infosec world have appeared busier, and buzzier, than most others.  It seems almost futile to pry everyone away from the current drama--that being the bombshell revelation that intelligence agencies collect intelligence--long enough to have them read our dev blog.  Regardless, we've been busy ourselves.  And if you're the least bit like me, you could probably use a ...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 3 weeks ago

  • User and Entity Behavior Analytics: A Strategic Primer

    If you’re investing beyond malware detection, you’ve probably come across User Behavior Analytics (aka UBA, UEBA, SUBA). Why are organizations deploying UBA, and are they finding value in it? In this primer, let’s cover what’s being seen in the industry, and then a bit on how we’re approaching the problem here at Rapid7. What Are Organizations Looking For?According to the 2016 Verizon DBIR, 63% of...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 month ago

  • The Ransomware Chronicles: A DevOps Survival Guide

    NOTE: Tom Sellers, Jon Hart, Derek Abdine and (really) the entire Rapid7 Labs team made this post possible. On the internet, no one may know if you’re of the canine persuasion, but with a little time and just a few resources they can easily determine whether you’re running an open “devops-ish” server or not. We’re loosely defining devops-ish as: MongoDBCouchDBElasticsearch for this post, but we ha...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 month ago

  • Weekly Metasploit Wrapup

    Welcome back to the Metasploit Weekly Wrapup! It's been a while since the last one, so quite a bit has happened in that time including 75 Pull Requests. Stageless mettleThe rewrite of meterpreter for POSIX systems, mettle, now supports a stageless mode. You can now build standalone static executables for almost a dozen architectures and run them on everything from small home routers to cell phones...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 1 month ago

  • Scan Configuration Improvements in Nexpose

    A common request we hear from customers is for the ability to schedule scans on individual assets, or on subsets of assets.Currently, you can start a manual scan and choose specific IPs, engine and template, but you need to have permissions to create sites in order to schedule such a scan.Good news!In version 6.4.18 version of Nexpose, released Jan 25th 2017, we've addressed this! Now individual s...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • London Infosec Assemble: Join us for a SecurityTalk Breakfast Briefing!

    January 30th, 9AM: We’ll be joining Okta and Code42 for a breakfast brief to share what we’re seeing in security today. If you’re worried about the security of your cloud services, ransomware, or simply the top attack vectors attackers are succeeding with today, this is a must-attend event. At Rapid7, we understand you’re inundated by the sheer amount of data you need to collect, prioritize, and u...

  • Impact Driven Risk Analysis and Response With Nexpose

    Today I'd like to highlight an often overlooked but very handy analysis option in Nexpose - filtering assets based on their discovered vulnerability CVSS Impact Metrics (Confidentiality, Integrity, Availability). We will use RealContext tags and Filtered Asset Search to answer the following questions:Are there any Availability Impact findings on High Availability systems? (i.e. web servers, authen...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • Maximizing PCI Compliance with Nexpose and Coalfire

    In 2007 Coalfire selected Rapid 7 Nexpose as the engine around which to build their PCI Approved Scan Vendor offering.  PCI was just a few years old and merchants were struggling to achieve and document full compliance with the highly proscriptive Data Security Standard.  Our goal was to find that classic sports car blend of style and power: a vulnerability assessment solution that was as streamli...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • Patch Tuesday, January 2017

    Microsoft starts off the year with 4 bulletins and continues a long running trend with their products where the majority of bulletins (2) are remote code execution (RCE) followed by an even distribution of elevation of privilege and denial of service. Missing from this month’s list of affected products is Internet Explorer, which typically complements the Edge bulletin (MS17-002). All this month’s...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • Snakes Masquerading as Vines

    We spend a lot of time identifying trustworthiness in our day-to-day lives. We constantly evaluate trustworthiness in both the people that we meet and in the products and services that we decide to interact with.  Imagine that you’re like Tarzan in the jungle; you’re trying to navigate your way through products and services using the vines that hang in your path. Each vine either helps or hinders ...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • Breaking Metasploitable3: The King of Clubs

    Metasploitable3 is a free virtual machine that we have recently created to allow people to simulate attacks using Metasploit. In it, we have planted multiple flags throughout the whole system; they are basically collectable poker card images of some of the Rapid7/Metasploit developers. Some are straight-forward and easy to open, some are hidden, or obfuscated, etc. Today, we would like to share th...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • 3 Things We Learned From the Joint Analysis Report

    2016 kept us on our toes right up to the very end - and its last curveball will have implications lasting well past the beginning of the new year.  Speculation on Russian hacking is nothing new, but it picked up notably with the DNC hack prior to the presidential election and the subsequent release of stolen emails, which the intelligence community later described as an information operation aimed...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • 12 Days of HaXmas: Meterpreter's new Shiny for 2016

    Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts on hacking-related topics and roundups from the year. This year, we’re highlighting some of the “gifts” we want to give back to the community. And while these gifts may not come wrapped with a bow, we hope you enjoy them. Editor's Note: Yes, this is technically an extra post to celebrate the 12th day of HaXmas. We said...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • 12 Days of HaXmas: The Gift of Endpoint Visibility and Log Analytics

    Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts on hacking-related topics and roundups from the year. This year, we’re highlighting some of the “gifts” we want to give back to the community. And while these gifts may not come wrapped with a bow, we hope you enjoy them. Machine generated log data is probably the simplest and one of the most used data source for every...

  • Focusing on Default Accounts - Targeted Analysis With Nexpose

    In my last blog post I went in depth on Impact Driven Analysis and Response, an often-overlooked but very handy analysis option in Nexpose. Today I'd like to talk about another great option for analysis - filtering assets based on their discovered vulnerabilities by Vulnerability Category. We will use Filtered Asset search to take a focused look at a specific category: Default Account findings.  D...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • 12 Days of HaXmas: New Years Resolutions for the Threat Intelligence Analyst

    Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts on hacking-related topics and roundups from the year. This year, we’re highlighting some of the “gifts” we want to give back to the community. And while these gifts may not come wrapped with a bow, we hope you enjoy them. You may or may not know this about me, but I am kind of an overly optimistic sunshine and rainbows...

  • Metasploitable3 CTF Results and Wrap-Up

    The Metasploitable3 CTF competition has wrapped up and we have our winners!  We had almost 300 flag submissions from more than 50 fine folks.  There were some really great right-ups submitted with great details on how flags were found.  Thanks to everyone who took time to submit a finding!  ON TO THE RESULTS! When we announced the competition, we didn't specify if team submissions were allowed or ...

Rapid7 Risk Management

Category: Content
Type: Blog Article

Generated 2 months ago

  • 12 Days of Haxmas: Giving the Gift of Bad News

    Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts on hacking-related topics and roundups from the year. This year, we’re highlighting some of the “gifts” we want to give back to the community. And while these gifts may not come wrapped with a bow, we hope you enjoy them. This holiday season, eager little hacker girls and boys around the world will be tearing open thei...

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in