InsightConnect Announces New Plugin for Cisco AMP for Endpoints
Rapid7 is excited to announce a new plugin for InisghtConnect that connects to Cisco AMP for Endpoints. Cisco Advanced Malware...
hacking
XposedOrNot – Tool To Search An Aggregated Repository Of Xposed Passwords Comprising Of ~850 Million Real Time Passwords
XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage...
Dsync – IDAPython Plugin That Synchronizes Disassembler And Decompiler Views
IDAPython plugin that synchronizes decompiled and disassembled code views.Please refer to comments in the source code for more details.Requires 7.2Download...
RFCpwn – An Enumeration And Exploitation Toolkit Using RFC Calls To SAP
An SAP enumeration and exploitation toolkit using SAP RFC callsThis is a toolkit for demonstrating the impact of compromised service...
InsightIDR: 2019 Year in Review
As we turn the corner into the new year, our team has been looking back at 2019 and reflecting on...
LKWA – Lesser Known Web Attack Lab
Lesser Known Web Attack Lab is for intermediate pentester that can test and practice lesser known web attacks such as...
Multiscanner – Modular File Scanning/Analysis Framework
MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a...
Election Security: What You Need to Know
Usually, when we write a "What you need to know" post on the Rapid7 blog, it's generally a rapid response...
Tishna – Complete Automated Pentest Framework For Servers, Application Layer To Web Security
Complete Automated pentest framework for Servers, Application Layer to Web SecurityInterfaceSoftware have 62 Options with full automation and can be...
AWS Report – Tool For Analyzing Amazon Resources
AWS Report is a tool for analyzing amazon resources.FeaturesSearch iam users based on creation dateSearch buckets publicSearch security group with...
WindowsFirewallRuleset – Windows Firewall Ruleset Powershell Scripts
About WindowsFirewallRulesetWindows firewall rulles organized into individual powershell scripts according to:Rule groupTraffic directionIP version (IPv4 / IPv6)Further sorted according to...
S3Tk – A Security Toolkit For Amazon S3
A security toolkit for Amazon S3Another day, another leaky Amazon S3 bucket— The Register, 12 Jul 2017Don’t be the... next......
SysWhispers – AV/EDR Evasion Via Direct System Calls
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls.All core syscalls are supported...
Kamerka GUI – Ultimate Internet Of Things/Industrial Control Systems Reconnaissance Tool
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.Powered by Shodan - Supported by Binary Edge & WhoisXMLAPIwriteup - https://medium.com/@woj_ciech/hack-the-planet-with-%EA%93%98amerka-gui-ultimate-internet-of-things-industrial-control-systems-5ff7d9686b29Demo -...
XSpear v1.3 – Powerfull XSS Scanning And Parameter Analysis Tool
XSpear is XSS Scanner on ruby gemsKey featuresPattern matching based XSS scanningDetect alert confirm prompt event on headless browser (with...
AVCLASS++ – Yet Another Massive Malware Labeling Tool
AVCLASS++ is an appealing complement to AVCLASS , a state-of-the-art malware labeling tool.OverviewAVCLASS++ is a labeling tool for creating a...
7 Vulnerability Risk Management Resolutions To Consider in the New Year
It’s that time of year again, when people start making personal resolutions to better themselves in the new year. We...
SQLMap v1.4 – Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and...
Turbolist3r – Subdomain Enumeration Tool With Analysis Features For Discovered Domains
Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r...
Cheers to a New Year! Rapid7’s 2020 Security Predictions
Happy New Year, everyone! While it’s ever-so-tempting to begin this blog post with an already overused “2020 vision” cliche, I...
Oh, Behave! Who Made It to Rapid7 Labs’ Naughty List(s) in 2019?
We all know jolly ol’ St. Nick just loves lists, which is an attribute he shares with the researcher elves...
Memorable Metasploit Moments of 2019
Happy HaXmas, friends and foes (substitute your nouns of choice here). The Metasploit team kicked off 2019 with the release...
Top 20 Most Popular Hacking Tools in 2019
As last year, this year we made a ranking with the most popular tools between January and December 2019.Topics of...
Pown.js – A Security Testing An Exploitation Toolkit Built On Top Of Node.js And NPM
Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like...
