Recently, we (virtually!) sat down with Jeremiah Dewey, Rapid7’s VP of Managed Services, to chat about how managed detection response...
Script to generate Win32 .exe file to take screenshots every ~10 seconds.Features:Works on WAN: Port Forwarding by Serveo.netFully Undetectable (FUD)...
Selenium based web scraper to generate passwords list.Installation# Download Firefox webdriver from https://github.com/mozilla/geckodriver/releases$ tar xzf geckodriver-v{VERSION-HERE}.tar.gz$ sudo mv geckodriver /usr/local/bin...
By Ford Qin (Mobile Threats Analyst) In late March, researchers from CheckPoint found the Tekya malware family, which was being...
Conduent, a business process outsourcing organization confirms that their European operations were crippled by a ransomware attack on Friday, in...
JSshell - a JavaScript reverse shell. This using for exploit XSS remotely, help to find blind XSS, ...This tool works...
How it worksScan common portsSend a TCP Syn packet to the destination on the defined port, if the port is...
DeviceLock analysts claim that the number of computers with the Windows operating system in Russia, that are vulnerable to Remote...
Ransomware are soon becoming the most feared disease of cyber-world, started from simple encryption of the victim's computer and files,...
This tool can scan websites with open .git repositories for Bug Hunting/ Pentesting Purposes and can dump the content of...
By Jessie Huang (Mobile Threats Analyst) We recently saw two barcode reader apps in Google Play, together downloaded more than...
Researchers have uncovered a new “enterprise-grade” backdoor malware program that they say shares code with the notorious modular banking trojan...
My name is Scott King, and I am the Senior Director of Advisory Services at Rapid7. Before that, I was...
The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other...
Is it legal to buy stolen data from criminals? In most countries the answer would be no. But will it...
This post was authored by Hossein Jazi and Jérôme Segura On May 29th, we identified an attack that we believe...
Experts commented on the release of the report of independent public organizations "Information fight against Russia: constructing the image of...
Due to a recent increase in device hacks, Google has decided to strengthen up its Nest security protections. The Nest...
The russia-linked APT group have been running campaigns wherein the authors exploited a critical vulnerability (CVE-2019-10149), also called as "The...
A JavaScript components vulnrability scanner, based on RetireJS.Why use JShole instead of RetireJS?By default, RetireJS only searches one page, but...
GitMonitor is a Github scanning system to look for leaked sensitive information based on rules. I know that there are...
In a recent session of our Accelerate Threat Detection and Response with SIEM + SOAR webcast series, Rapid7 product leaders...
“Hey Joe, I wanted to remind you that starting next Monday you will be expected to teach from home. The...
Games consoles and handhelds have always been an interesting battleground for hacking activities. The homebrew scene for using hardware in...
