Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help

Metasploit Wrapup

The Malicious Git HTTP Server For CVE-2018-17456 module by timwr exploits a vulnerability in Git that can cause arbitrary code execution when a user clones a malicious repository using commands such as git clone --recurse-submodules and git submodule update.…

[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics

VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.…

Patch Tuesday - November 2018

Microsoft's patches this month address over 60 vulnerabilities. Just like last month, another zero-day privilege escalation vulnerability in Win32k has been patched. CVE-2018-8589 has been seen exploited in the wild, and allows a logged-in attacker to execute arbitrary code in the security context of a…

Rolling with Your Logs, Part 2: Advanced Mode Searches

In the Part 2 of this three-part series on InsightIDR Log Search, we will cover three concepts: parsed logs, groupby function, and log search operations.…

Metasploit Wrapup

Now in Framework: Exploit for jQuery File Upload plugin vuln, two new post modules to exfil images and texts from compromised iOS devices. Plus, this year's community CTF.…

Top 5 Threats Healthcare Organizations Face and How to Combat Them

Looking to protect your healthcare organization from cyber-threats? Here are the top five threats to look out for and tips on how to outsmart attackers.…

Rapid7 Wins Frost & Sullivan 2018 Global Vulnerability Management Market Leadership Award

We’re thrilled to announce that Rapid7 InsightVM was selected as the market leader in vulnerability management by Frost & Sullivan.…

Rolling with Your Logs, Part 1: Your Guide to Log Search in InsightIDR

In the first installment of this series, we'll cover the three most important basics of log search, then run through a few common Simple Mode searches.…

Announcing the 2018 Metasploit Community CTF

Two targets, three days, and a thousand teams: Put your skills to the test for a chance to win prizes and bragging rights in Metasploit’s 2018 community CTF.…

Metasploit Wrapup

Today marks the 30th anniversary of the Morris worm. We were hit by a wave of nostalgia, so here's a little history and a module-trip down memory lane courtesy of wvu.…

Why It’s Critical to Test the Failure State of IoT Products

When considering or testing the security posture of an IoT product’s ecosystem, it is important to take into account how that product handles failure conditions.…

Expanded Protections for Security Researchers Under DMCA Sec. 1201

The Library of Congress announced that it would renew and expand legal protections for security testing under Section 1201 of the Digital Millennium Copyright Act (DMCA).…