Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.

View Cookie Policy for full details

Rapid7 Blog

Brent Cook  



Metasploit Wrapup

We had a great time meeting everyone at the various Metasploit events at hacker summer camp last week, including two popup capture the flag events with Metasploitable3, the Open Source Security Meetup and selling Metasploit 0xf Anniversary Tour.…

Metasploit Wrapup

Spring has come again to Austin, TX, home of the Rapid7 Metasploit team. While the season here brings pollen and allergies, it also brings fields full of bluebonnets and folks taking pictures before they all disappear. Let's celebrate by looking at what's popped up in…

Metasploit Wrapup

Metasploit 5 Development Has Begun It's 2018, the ice is melting in Austin, and as we hinted last October, Metasploit 5 development efforts have begun in earnest. We have a laundry list of features that we are working on for it. The first feature merged…

12 Memorable Metasploit Moments of 2017

This HaXmas, we delve into 12 Memorable Metasploit Moments from 2017 that inspired us, impressed us, and made us feel more connected to our global community of contributors, users, and friends.…

Metasploit Wrapup

What's coming down the pipeline for Metasploit? Brent Cook brings you October's first Metasploit wrap-up.…

Metasploit: The New Shiny

It's been a while since I've written a blog post about new stuff in Metasploit (and I'm not sure if the editors will let me top the innuendo of the last one). But I'm privileged to announce that I'm speaking about Metasploit twice next month:…

Metasploit Framework Valentines Update

Valentines day is just around the corner! What could be a nicer gift for your sweetie than a bundle of new Metasploit Framework updates? The community has been as busy as ever delivering a sweet crop of sexy exploits, bug fixes, and interesting new features.…

12 Days of HaXmas: Meterpreter's new Shiny for 2016

Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts on hacking-related topics and roundups from the year. This year, we're highlighting some of the “gifts” we want to give back to the community. And while these gifts…

Pokemon Go, Security, and Obsolescence

Pokemon Go started it. The crusty old house cell phone, which we had years ago ported from a genuine AT&T land line to a T-Mobile account, suddenly caught the attention of my middle son. "Hey Dad, can I use that phone to…

Important security fixes in Metasploit 4.12.0-2016091401

A number of important security issues were resolved in Metasploit (Pro, Express, and Community editions) this week. Please update as soon as possible. Issue 1: Localhost restriction bypass    (affects versions 4.12.0-2016061501 through 4.12.0-2016083001) On initial install, the Metasploit web interface displays…

Metasploit Weekly Wrapup for 2015-10-15

Welcome to this week's Metasploit Wrapup. I'm your host Brent Cook, tagging in for egypt who just finished speaking about Metasploit at the Texas DIR Telecommunications Forum. This week was largely focused on bug fixes and refinements. In the fixes bucket, PowerShell sessions now properly…

Metasploit Framework Tools Reorg

There are a wide variety of interesting and useful tools in the Metasploit Framework. Many of these are available from the top-level of Metasploit in the form of modules and library code. You can find countless tutorials and blogs about how to put msfconsole, msfvenom…

Metasploit Framework Open Source Installers

Rapid7 has long supplied universal Metasploit installers for Linux and Windows. These installers contain both the open source Metasploit Framework as well as commercial extensions, which include a graphical user interface, metamodules, wizards, social engineering tools and integration with other Rapid7 tools. While these features…

Unicode Support in Meterpreter

A short, mostly-accurate history of character encodings In the beginning, when you wanted to use a computer to store text, there were not many options - you inherited something from punchcards like EBCDIC or invented something convenient and unique to your system. Computers did not…

12 Days of HaXmas: Maxing Meterpreter's Mettle

This post is the twelfth in a series, 12 Days of HaXmas, where we usually take a look at some of more notable advancements and events in the Metasploit Framework over the course of 2014. As this is the last in the series, let's peek…

Featured Research

National Exposure Index 2018

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More


Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More