4 min
Metasploit
Six Ways to Automate Metasploit
Onward
Over the last few weeks the Metasploit team at Rapid7 has engaged in an overhaul
of our development process. Our primary goals were to accelerate community
collaboration and better define the scopes of our open source projects. The
first step was to migrate all open source development to GitHub. This has
resulted in a flood of contributors and lots of greatnew features and content.
One controversial change involved removing old, buggy automation tools that
simply didn't meet the quality
4 min
Vendor Security
I'd like to share our experiences with vendor security since I'm sure it's
something that impacts all of us. Like every company, Rapid7 relies on a number
of technology vendors for a huge range of products and services to run the
business. I'm sure no one will be surprised to hear that as a security company
we have a policy specifying the security requirements that our vendors need to
meet before we'll do business with them. Our view is that their security
directly impacts any of our internal or
8 min
Metasploit
Recon, Wireless, and Password Cracking
The Metasploit Framework continues to grow and expand with the support of the
community. There have been many new features added to the Metasploit Framework
over the past month. I am very excited to be able to share some of these new
developments with you.
Mubix's Recon Modules
Mubix's post-exploitation modules form his Derbycon talk are now in the
repository. The resolve_hostname module, originally called 'Dig', will take a
given hostname and resolve the IP address for that host from the windo
1 min
Metasploit
Adding Custom Wordlists in Metasploit for Brute Force Password Audits
In any penetration test that involves brute forcing passwords, you may want to
increase your chances of a successful password audit by adding custom wordlists
specific to the organization that hired you. Some examples:
* If you are security testing a hospital, you may want to add a dictionary with
medical terms.
* If you're testing a German organization, users are likely to use German
passwords, so you should add a German wordlist.
* Another good idea is to build a custom wordlist b
0 min
Metasploit
Metasploit and PTES
One of our Metasploit contributers, Brandon Perry
, has put together a document detailing the
recently released Penetration Testing Execution Standard
(PTES) with the modules and
functionality in the Framework. PTES is a push from a group of testers fed up
with the lack of guidance and the disparate sources of basic penetration testing
information. Brandon's document does a great job detailing disparate par
3 min
Release Notes
Exploit for Critical Java Vulnerability Added to Metasploit
@_sinn3r and Juan Vasquez
recently released a module which
exploits the Java vulnerability detailed here
by mihi and by Brian
Krebs here
.
This is a big one. To quote Krebs: "A new exploit that takes advantage of a
recently-patched critical security flaw in Java is making the rounds in the
cri
1 min
Metasploit
Three Great New Metasploit Books
I've seen three great Metasploit books published lately. The one that most
people are probably already familiar with is Metasploit: The Penetration
Tester's Guide by David Kennedy, Jim O'Gorman, Devon Kearns and Mati Aharoni.
The book is very comprehensive, and packed full of great advice. David Kennedy
is Chief Information Security Officer at Diebold Incorporated and creator of the
Social-Engineer Toolkit (SET), Fast-Track, and other open source tools, so he
really knows his stuff. By the way,
2 min
Microsoft
Microsoft Patch Tuesday - November 2011
November's Microsoft Patch Tuesday contains four bulletins: one “critical”, two
“importants”, and one “moderate”. The majority of these bulletins relate to
Microsoft's later versions of the OS, implying that the flaws they address were
possibly introduced with Windows Vista. Generally more vulnerabilities are found
in earlier versions of the OS, so this month is unusual.
The critical bulletin – MS11-083 – is a TCP/IP based, specifically UDP,
vulnerability which affects Vista, Windows 7, Server
1 min
Boston Globe Selects Rapid7 as a Top Place to Work
On Sunday the Boston Globe published its annual “Top Places to Work” rankings.
This was our first time participating in the list and I'm very proud to report
that Rapid7 placed #11 in the category for employers with less than 250
employees. I'd like to congratulate our amazing team, not just those in Boston,
but the entire Rapid7 family. The passion and commitment of our team is evident
across all our locations, with everyone contributing to the culture that makes
us successful. Congratulations
3 min
The Advanced Policy Engine
The Advanced Policy Engine is the new configuration compliance framework that
was created for the Nexpose 5.0 release.
Advanced? What makes it advanced?
Anyone can call anything "Advanced" these days. A lot of times it is hard to
tell if it is just marketing or a real improvement. Look at all of the cleaning
ads on television right now.
"Cleaner X cleans 30% then the our previous cleaner using our new Advanced
formula!!!"
Is it really improved? How did they measure the i
0 min
Metasploit
Metasploit Framework Featured on CNN: Phishing Made Simple
While browsing security related articles at CNN, I noticed this video of Eric
Fiterman demonstrating a phishing attack and some post exploitation techniques
with Metasploit Framework.
Video courtesy of:
2 min
Metasploit
PCI DIY: How to do an internal penetration test to satisfy PCI DSS requirement 11.3
If you're accepting or processing credit cards and are therefore subject to PCI
DSS, you'll likely be familiar with requirement 11.3, which demands that you
"perform penetration testing at least once a year, and after any significant
infrastructure or application upgrade or modification". What most companies
don't know is that you don't have to hire an external penetration testing
consultant - you can carry out the penetration test internally, providing you
follow some simple rules:
* Sufficie
3 min
Nexpose
Introducing Metasploit Community Edition!
The two-year anniversary of the Metasploit acquisition is coming up this week.
Over the last two years we added a ridiculous amount of new code to the open
source project, shipped dozens of new releases, and launched two commercial
products. We could not have done this without the full support of the security
community. In return, we wanted to share some of our commercial work with the
security community at large.
As of version 4.1 , we now include the Metasploit
2 min
Patch Tuesday
October 2011 Patch Tuesday
This month, Microsoft issued eight bulletins, addressing 23 vulnerabilities
across Microsoft Windows, Silverlight, .NET and Forefront product lines. Only
two bulletins were rated 'critical', and the rest were rated 'important'.
In terms of prioritizing patching, when I look at security vulnerabilities,
first I want to understand which ones can have the most widespread impact.
MS11-081is a cumulative update which affects Internet Explorer, so it relates to
both corporate and home users. These v
15 min
Metasploit
MonaSploit
Introduction
“Standalone exploits suck”.
egyp7 and bannedit
made this statement earlier this year at Bsides Vegas, and nullthreat
& yours truly
elaborated on this even more during our talk
at Derbycon 2011.
There are many reasons why writing Metasploit exploit modules and submitting
them to the Metasploit framework is a good idea. You're not only going to help
the