Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Under the Hoodie  

This One Time on a Pen Test: I’m Calling My Lawyer!

In this engagement, Rapid7 pen testers were tasked to identify sensitive information, harvest credentials, and obtain a reverse shell on their machines.…

This One Time on a Pen Test: Playing Social Security Slots

This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie during Rapid7 penetration testing engagements.…

Ask a Pen Tester, Part 2: A Q&A With Rapid7 Pen Testers Gisela Hinojosa and Carlota Bindner

Rapid7 pen testers Gisela Hinojosa and Carlota Bindner are back to answer another round of questions about the mysterious art of penetration testing…

Rapid7 Releases 2020 Under the Hoodie Report: Lessons Learned from a Year of Penetration Tests

Rapid7 recently released its 2020 Under the Hoodie report, detailing the ins and outs of penetration testing.…

This One Time on a Pen Test: “Let Me Get That for You”

In this blog, we discuss how our team successfully gained access to a client's physical building in an unlikely way.…

This One Time on a Pen Test: Our Accidental Win

In this blog, we recall one pen test where a placeholder password we put in actually worked with one login account.…

This One Time on a Pen Test: What’s in the Box?

Here is the story of how one of our penetration testers exploited ExternalBlue on a rogue access point.…

This One Time on a Pen Test: The Pizza of Doom

Here is the story of how I bypassed physical security controls by posing as a pizza delivery guy and showing up to my client site with a pizza pie.…

This One Time on a Pen Test: Your Mouse Is My Keyboard

In one engagement, we were tasked with compromising the internal network of a facility that was used for medical trials. Here's what happened.…

This One Time on a Pen Test: Nerds in the NERC

Here is the story of how we gained access to a NERC CIP control room in a power plant as part of a penetration testing engagement.…

This One Time on a Pen Test: Missed a Spot

In this penetration testing story, Ted Raffle discusses how even strong security controls and threat mitigation can miss the mark when only one or two systems fall through the cracks.…

Ask a Pen Tester: Q&A with Rapid7 Penetration Tester Aaron Herndon

Recently, we gave our customers the opportunity to ask members of our penetration testing services team any burning questions they have.…

This One Time on a Pen Test: Paging Doctor Hackerman

In this blog, one of our penetration testers tells the story of how he hacked X-ray machine and got the keys to the entire network.…

[Research] Under the Hoodie, 2019 Edition: Lessons Learned from 180 Penetration Tests

Our 2019 Under the Hoodie report covers the measurable results of about 180 penetration tests conducted by Rapid7. Find out what we learned.…

Never miss a blog

Get the latest stories, expertise, and news about security today.