Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Tips and Tricks  

How Vulnerable Are Your Phishing Targets?

When you're assessing the exposure to phishing in your organization, one important part are the client-side vulnerabilities that would enable a malicious attacker to exploit a browser. In this blog post, I'd like to outline a non-invasive (and free!) way to get visibility into your…

Social Media: Vector for the New Economic Attack?

The big news in security this week has been the hijacking of the Associated Press' Twitter account. The attackers leveraged the "bad news" atmosphere created by the events in Boston last week to gain some measure of credibility for a tweet about bombs exploding at…

Webcast: Decrease Your Risk of a Data Breach - Effective Security Programs with Metasploit

Thanks for the many CISOs and security engineers who attended our recent webcast, in which I presented some practical advice on how to leverage Metasploit to conduct regular security reviews that address current attack vectors. While Metasploit is often used for penetration testing projects, this…

PCI 30 seconds newsletter #22 - Don't get lost in translation with Executives. Get them listening.

"I need people and I need funding to do my job properly. Executives don't get it - They want me to bulletproof their systems but don't want to listen".Does this sound familiar? Of course, such moaning fills the room of security gathering sessions such…

Metasploit exploit development - The series Part 1.

So you wanna be a Metasploit exploit developer huh? Well you are in luck because I have been working on an an "in-depth" exploit development tutorial series  that takes users behind the scenes on the process of exploit development and metasploit module creation.…

Can't Exploit Machines? A Metasploit Troubleshooting How To

It can be very frustrating to try exploiting machines and not succeeding, especially if your vulnerability report is showing a lot of vulnerabilities on the hosts you are trying to exploit. This is usually due to one of the following reasons:Not all reported vulnerabilities…

Metasploit Tutorial: An introduction to Metasploit Community

Marcus J. Carey put together some great Metasploit Tutorial videos about Metasploit Community that I want to share with you. Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners such as Nexpose – for free. You can…