Kubernetes Namespaces Are Not as Secure as You Think
In a previous article, we described how the usage of namespaces in Kubernetes significantly simplifies the management of a Kubernetes...
tools
Looking Back and Moving Forward With Rapid7’s Cloud Security Solution
This blog post was co-authored by Jamie Gale and Charles Stokes. Done with Q1The DivvyCloud by Rapid7 team has had...
Columbo – A Computer Forensic Analysis Tool Used To Simplify And Identify Specific Patterns In Compromised Datasets
Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets. It breaks down...
ThreatMapper – Identify Vulnerabilities In Running Containers, Images, Hosts And Repositories
The Deepfence Runtime Threat Mapper is a subset of the Deepfence cloud native workload protection platform, released as a community...
Security Isn’t a Four-Letter Word: How Infrastructure as Code (IaC) Amplifies DevOps Through the Inclusion of Security
Our fast-paced lives are fueled by innovative, cloud-native companies. We are able to watch our favorite programs and movies from...
A Quick Look Into Cloud Infrastructure Entitlement Management (CIEM)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business...
A Quick Look Into Cloud Workload Protection Platforms (CWPPs)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business...
MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources
This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights,...
Burpsuite-Copy-As-XMLHttpRequest – Copy As XMLHttpRequest BurpSuite Extension
The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript's XmlHttpRequest, which simplifies...
Scylla – The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc…
Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts,...
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500
Today, Rapid7 just released the first in our all-new Industry Cyber-Exposure Report (ICER) series. For those of you who have...
UAC – Unix-like Artifacts Collector
UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection...
Maigret – OSINT Username Checker. Collect A Dossier On A Person By Username From A Huge Number Of Sites
The Commissioner Jules Maigret is a fictional French police detective, created by Georges Simenon. His investigation method is based on...
A Quick Look Into Cloud Security Posture Management (CSPM)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business...
InsightIDR’s Log Search: Recent Enhancements and Upcoming Investments
Log data is critical to ensuring that you have full visibility into what’s going on across your environment. Alongside endpoint...
What’s New in InsightAppSec and tCell: Q1 2021 in Review
2021 is off and running! The big question on the corporate world’s mind is, of course, “What will work life...
Watson – Enumerate Missing KBs And Suggest Exploits For Useful Privilege Escalation Vulnerabilities
Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities.Supported VersionsWindows 10 1507,...
SharpHound3 – C# Data Collector For The BloodHound Project
Get SharpHoundThe latest build of SharpHound will always be in the BloodHound repository here Compile InstructionsSharpHound is written using C#...
DefenderCheck – Identifies The Bytes That Microsoft Defender Flags On
Quick tool to help make evasion work a little bit easier. Takes a binary as input and splits it until...
SharpGPOAbuse – Tool To Take Advantage Of A User’S Edit Rights On A Group Policy Object (GPO) In Order To Compromise The Objects That Are Controlled By That GPO
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights...
Tuf – A Framework For Securing Software Update Systems
This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform...
SecretScanner – Find Secrets And Passwords In Container Images And File Systems
Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets?Secrets are any kind of...
SharpDPAPI – A C# Port Of Some Mimikatz DPAPI Functionality
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic,...
Seatbelt – A C# Project That Performs A Number Of Security Oriented Host-Survey “Safety Checks” Relevant From Both Offensive And Defensive Security Perspectives
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and...
