Nmap Service Detection for Nexpose and InsightVM Scan Engines
As of version 6.6.14 of Nexpose and InsightVM, the Scan Engine can now utilize Nmap service probes in addition to...
hacking
Burp Exporter – A Burp Suite Extension To Copy A Request To The Clipboard As Multiple Programming Languages Functions
Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.You can export...
crauEmu – An uEmu Extension For Developing And Analyzing Payloads For Code-Reuse Attacks
crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks.Slides from ZeroNights 2019Demo 1 - X32-64, Edge,...
Preparing for the Cybersecurity Maturity Model Certification (CMMC) Part 1: Practice and Process
All of us here at Rapid7 hope that you and your families are safe and well during this unprecedented national...
Meet AttackerKB
In 2019, the number of new vulnerabilities published was more than double what we saw in 2016. 2020 is on...
How to Use John The Ripper in a Google Collab for FREE!
How many times have you needed to use John The Ripper to do some password cracking but just not had...
Htbenum – A Linux Enumeration Script For Hack The Box
This script is designed for use in situations where you do not have internet access on a Linux host and...
Domained – Multi Tool Subdomain Enumeration
A domain name enumeration toolThe tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ngdomained uses several...
Patch Tuesday – April 2020
Global working-from-home routines haven't slowed down Microsoft and its ability to help close up vulnerabilities in their products. This April...
Lollipopz – Data Exfiltration Utility For Testing Detection Capabilities
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To/etc/shadow -> HTTP GET...
Sherloq – An Open-Source Digital Image Forensic Toolset
An open source image forensic toolset Introduction"Forensic Image Analysis is the application of image science and domain expertise to interpret...
Remote Work Readiness: How to Keep a Security Mindset
As companies respond to COVID-19, many require their employees to work from home. This migration of the workforce places the...
Inhale – A Malware Analysis And Classification Tool
Inhale is a malware analysis and classification tool that is capable of automating and scaling many static analysis operations.This is...
Privacy Badger – A Browser Extension That Automatically Learns To Block Invisible Trackers
Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to...
Audix – A PowerShell Tool To Quickly Configure The Windows Event Audit Policies For Security Monitoring
Audix will allow for the SIMPLE configuration of Windows Event Audit Policies. Window's Audit Policies are restricted by default. This...
Serverless Prey – Serverless Functions For Establishing Reverse Shells To Lambda, Azure Functions, And Google Cloud Functions
Serverless Prey is a collection of serverless functions (FaaS), that, once launched to a cloud environment and invoked, establish a...
Lunar – A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory
A lightweight native DLL mapping library that supports mapping directly from memoryFeaturesImports and delay imports are resolvedRelocations are performedImage sections...
Ps-Tools – An Advanced Process Monitoring Toolkit For Offensive Operations
Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding...
Eavesarp – Analyze ARP Requests To Identify Intercommunicating Hosts And Stale Network Address Configurations (SNACs)
A reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful...
Richkit – Domain Enrichment Toolkit
Richkit is a python3 package that provides tools taking a domain name as input, and returns addtional information on that...
Answers to Three FAQs About the New-and-Improved Cloud Configuration Assessment Remediation Content in InsightVM
Organizations operating in a cloud environment like Amazon Web Services (AWS) face additional security risk challenges that they need to...
Chromepass – Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features:Decrypt Chrome saved paswordsSend a file...
Tentacle – A POC Vulnerability Verification And Exploit Framework
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It...
Self-Isolation, Home Networking, and Open Source: Recog and Rumble
Hey, gang. You know I'm a big open source fan and occasional contributor, so I just wanted to take a...
