#metasploit

Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as #FlaxTyphoon. They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like #ChinaChopper, #MetaSploit, and #Mimikatz, they also rely on abusing #LOLBINS, or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using #powershell, #certutil, or #bitsadmin to download tools, and accessing #LSASS process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and #HappyHunting!

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #readoftheday

Has anyone installed Metasploitable within Proxmox?
Can I just run an Ubuntu/Debian Linux container and install Metasploitable within it?
#metasploit #Proxmox

yay, my papercut #exploit finally landed in the #metasploit framework! Lots of great ideas/feedback.

How to obtain username or password of another device? #hacking #metasploit

https://askubuntu.com/q/1469891/612

Machinegun is an advanced version of #Metasploit's railgun, capable of reliably running arbitrary #Windows API functions on a remote computer and getting the results to the attacker's machine. https://github.com/Idov31/Machinegun

El lado del mal - "iBombShell: Revolution". Sólo para Pentesters! https://www.elladodelmal.com/2023/03/ibombshell-revolution-solo-para.html #pentest #pentesting #pentesters #hacking #metasploit #kali #powershell

#openbsd
#metasploit
#TWM

#freebsd
#metasploit
#desktop

The data/wordlists/password.lst password list in #Metasploit has also been updated to include the master password that #LastPass suggests as an example when a user goes to create a new master password: r50$K28vaIFiYxaY

New in #Metasploit: SugarCRM #RCE, login scanner and credential gatherer for Wowza Streaming Engine Manager, and three new methods for #PetitPotam.

Plus, admin/kerberos/forge_ticket now supports a new extra_sids option — which is useful for including cross-domain SIDs for forging external #Kerberos trust tickets as part of cross-trust domain escalation. The admin/kerberos/inspect_ticket has also been updated to support viewing these extra SID values.

More Kerberos and secrets dumping improvements in this week's wrap-up!

https://www.rapid7.com/blog/post/2023/03/10/metasploit-weekly-wrap-up-196/

As I'm gathering screenshots my #NorthSec presentation, I look over at my other monitor and realize just how cool #Metasploit and #Meterpreter are

How to install #Metasploit on a #Linux distribution #Ubuntu #Fedora
https://infoidevice.fr/installer-metasploit-linux/

Great initiative 👍🏻 #Rapid7 Brings Threat Intel Data to the #University of South #Florida #Cybersecurity Lab 🛡️ Rapid7 will provide the laboratory with access to its massive data initiatives, including #Metasploit, #Velociraptor, and Sonar, says Corey Thomas, Rapid7's CEO. The laboratory will support interdisciplinary research efforts by faculty experts and students and help drive a deeper understanding of the challenges defenders are currently facing. https://www.darkreading.com/edge-articles/rapid7-brings-threat-intel-data-to-usf-cybersecurity-lab #infosec

This week's #Metasploit wrap-up c/o @zeroSteiner:

* Running count of modules now available on Metasploit's docs site: https://docs.metasploit.com/docs/modules.html
* 2023 Google Summer of Code participation
* Basic discover script now supports commas in the RHOSTS value (also better error handling!)
* New modules: Froxlor log path RCE and an unauthenticated Javascript injection in pyLoad's Click 'N' Load service

https://www.rapid7.com/blog/post/2023/02/24/metasploit-wrap-up-194/

Don't think @RoseSecurity is on here but this guide he put together on #metasploit is well worth a read, some good tips in here that I haven't seen explained elsewhere: https://medium.com/dev-genius/mastering-metasploit-five-tips-that-i-discovered-too-late-61c5ecb7c938

New in last week's #Metasploit release:

* Exploits for Cisco RV Series #CVE_2022_20707 and GitLab #CVE_2022_2992
* Bug fix for Arch warnings when starting msfconsole
* Updates to DLL template code that allow msfvenom to use (default Metasploit) DLL templates with payloads larger than 4096 bytes (e.g., unstaged payloads).

https://www.rapid7.com/blog/post/2023/02/17/metasploit-wrap-up-193/

It seems like there are somewhat perverse incentives around corporations like Rapid7 and Fortra building tools that end up being popularly adopted by threat actors.

Has there been any public discussion of that? Is it just old discourse and I need to catch up?

#infosec #cybersecurity #cobaltstrike #metasploit #threatintel

Calling all Belfast folks: Metasploit is now hiring a Lead Software Engineer. These positions don't often open and its a great chance to get to work with a great team of engineers who are very passionate about finding creative solutions. If you like working with open source software, #ruby, #rubyonrails, automation, and have worked with #metasploit Framework in the past, you'll be right at home :) https://careers.rapid7.com/jobs/lead-software-engineer-metasploit-framework-belfast-united-kingdom.

Note this job is in office in #belfast and is not remote.

Yo #metasploit fans: It's on, right now.

https://www.twitch.tv/zerosteiner