CyberRange – The Open-Source AWS Cyber Range
This CyberRange project represents the first open-source Cyber Range blueprint in the world.This project provides a bootstrap framework for a...
hacking
Dsiem – Security Event Correlation Engine For ELK Stack
Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and...
Exploitivator – Automate Metasploit Scanning And Exploitation
This has only been tested on Kali.It depends on the msfrpc module for Python, described in detail here: https://www.trustwave.com/Resources/SpiderLabs-Blog/Scripting-Metasploit-using-MSGRPC/Install the...
Metasploit Wrap-Up
Powershell Express Delivery The web_delivery module is often used to deliver a payload during post exploitation by quickly firing up...
The Most Commonly Exploited Web Application Vulnerabilities in a Production Environment
Some of the most common web application vulnerabilities tend to be the most exploited because they are difficult to spot,...
RTTM – Real Time Threat Monitoring Tool
Monitoring possible threats of your company on Internet is an impossible task to be achieved manually. Hence many threats of...
HashCobra – Hash Cracking Tool
hashcobra Hash Cracking tool.Usage$ ./hashcobra -H--====--usage: hashcobra -o <opr> | options: -a <alg> - hashing algorithm - ? to list...
Splunk Attack Range – A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk
The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a...
Building a Culture of Security Awareness: How to Use Performance Metrics to Communicate SOC Effectiveness Throughout Your Org
It’s no secret that as the security landscape becomes increasingly complex, resources are becoming harder and harder to find. Team...
IoT Vuln Disclosure: Children’s GPS Smart Watches (R7-2019-57)
Executive summary As part of a recent IoT hacking training exercise, a number of Rapid7 penetration testers set out to...
Patch Tuesday – December 2019
Today we come to the end of 2019's monthly Microsoft Patch Tuesday (also known as Update Tuesday). This Christmas, Microsoft...
How to Actually Reduce Risk in Your Environment
What is a vulnerability risk management program? A vulnerability risk management program is imperative at any organization to secure assets,...
How I Shut Down a (Test) Factory with a Single Layer 2 Packet
At Rapid7 Labs we are always on the look for new research topics and fields to stick our fingers in...
Ffuf – Fast Web Fuzzer Written In Go
A fast web fuzzer written in Go.Heavily inspired by the great projects gobuster and wfuzz.FeaturesFast!Allows fuzzing of HTTP header values,...
Fileintel – A Modular Python Application To Pull Intelligence About Malicious Files
This is a tool used to collect various intelligence sources for a given file. Fileintel is written in a modular...
Genact – A Nonsense Activity Generator
Pretend to be busy or waiting for your computer when you should actually be doing real work! Impress people with...
Government-funded researchers investigate vulnerabilities in EV charging stations
Charging stations for electric cars have sprung up across the country in recent years as hybrid vehicles continue to gain...
New Golang brute-forcer discovered amid rise in e-commerce attacks
E-commerce websites continue to be targeted by online criminals looking to steal personal and payment information directly from unaware shoppers....
GitHub Increases Bug Bounty Program Rewards
GitHub revealed on Tuesday that last year it paid out $165,000 to researchers who took part in its public bug...
Cobalt Strike
Cobalt Strike is software for Adversary Simulations and Red Team Operations. What this means is, if you wanted to test your...
An Anonymous group just took down a fifth of the dark web
Visitors to more than 10,000 Tor-based websites were met with an alarming announcement this morning: “Hello, Freedom Hosting II, you...
Three Mobile Data Breach
Customer information from more than 130,000 users of the Three mobile network has been compromised in a cyber security breach,...
UK Snoopers Charter 2 passed
Well that's not good, not good at all. The new bill will force internet companies to store their users’ browsing data...
BlackHat Europe 2016: Day 1 of 2
Today was day 1 of 2 for me at BlackHat Europe 2016, one of my highlights was the tool Bloodhound ...
