Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Recent Posts

R7-2019-32: Denial-of-Service Vulnerabilities in Beckhoff TwinCAT PLC Environment

Rapid7 researcher Andreas Galauner has discovered two vulnerabilities affecting the TwinCAT PLC environment.…

Why Do Managed Detection and Response (MDR) Services Exist in a World Dominated by MSSPs?

In this blog, we break-down why Managed Detection and Response (MDR) services can survive in a market dominated by MSSP's.…

Metasploit Wrap-Up

Command and Control with DOUBLEPULSAR We now have a DOUBLEPULSAR exploit module thanks to some amazing work by our own wvu, Jacob Robles, and some significant contributions from the wider community. The module allows you to check for the DOUBLEPULSAR implant, disable it, or even…

This One Time on a Pen Test: “Let Me Get That for You”

In this blog, we discuss how our team successfully gained access to a client's physical building in an unlikely way.…

SAML All the Things! A Deep Dive into SAML SSO

In this blog, we will take a deep dive into everything you need to know about Security Assertion Markup Language (SAML).…

Open-Source Command and Control of the DOUBLEPULSAR Implant

Metasploit researcher William Vu shares technical analysis behind a recent addition to Framework: a module that executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB and allows users to remotely disable the implant.…

Exim Vulnerability (CVE-2019-16928): Global Exposure Details and Remediation Advice

On Sept. 27, CVE-2019-16928 was promulgated, indicating all Exim versions 4.92–4.92.2 were vulnerable to a heap-based buffer overflow.…

How DHS and MITRE Collaborate to Validate Vulns

In this week's podcast, we spoke with Katie Trimble of DHS and Chris Coffin of MITRE about their work with the CVE Project.…

You Can Have It Both Ways with AppSec: Security and Speed

Security and DevOps teams seemingly have to choose between speed and security. We think there's a better way.…

Metasploit Wrap-Up

BlueKeep is Here The BlueKeep exploit module is now officially a part of Metasploit Framework. This module reached merged status thanks to lots of collaboration between Rapid7 and the MSF community members. The module requires some manual configuration per target, and targets include both virtualized…

This One Time on a Pen Test: Our Accidental Win

In this blog, we recall one pen test where a placeholder password we put in actually worked with one login account.…

Four Ways to Improve Automated Vulnerability Management Efficiency with SOAR

In this post, we’ll cover four ways to leverage security orchestration and automation (SOAR) to improve your vulnerability management program and save time in the process.…

How to Easily Schedule a Meeting with Rapid7 Support

Rapid7 is pleased to announce that you can now schedule a meeting with your Support Engineer with the click of a button.…

Metasploit Wrap-Up

On the correct list AppLocker and Software Restriction Policies control the applications and files that users are able to run on Windows Operating Systems. These two protections have been available to the blue team for years. AppLocker is supported on Windows 7 and above, and…

This One Time on a Pen Test: What’s in the Box?

Here is the story of how one of our penetration testers exploited ExternalBlue on a rogue access point.…