Metasploit

Pierluigi Paganini September 07, 2019
Experts add a BlueKeep exploit module to MetaSploit

Maintainers of the open-source Metasploit penetration testing framework have added a public exploit module for the BlueKeep Windows flaw. There is a surprise for Metasploit users, maintainers of the open-source penetration testing framework have added a public exploit module for the BlueKeep Windows flaw. The BlueKeep vulnerability, tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft […]

Pierluigi Paganini June 05, 2019
Expert developed a MetaSploit module for the BlueKeep flaw

A security expert has developed a Metasploit module to exploit the critical BlueKeep vulnerability and get remote code execution. The security researcher ZǝÉčosum0x0 has developed a module for the popular Metasploit penetration testing framework to exploit the critical BlueKeep flaw. The vulnerability, tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft with May […]

Pierluigi Paganini January 12, 2019
Rapid7 announced the release of Metasploit 5.0

Rapid7 announced the release of Metasploit 5.0, the latest version of the popular penetration testing framework that promises to be very easy to use. Rapid7 announced the release of Metasploit 5.0, the new version includes several new important features and, the company believes it will easier to use and more powerful. Most important changes introduced […]

Pierluigi Paganini May 23, 2018
Turla APT group leverages for the first time the Metasploit framework for the Mosquito campaign

Security experts from ESET observed the Turla APT group leveraging for the first time the Metasploit framework in the Mosquito campaign The Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage APT group (also known as […]

Pierluigi Paganini February 07, 2018
Automated Hacking Tool Autosploit Cause Concerns Over Mass Exploitation

The Autosploit hacking tool was developed aiming to automate the compromising of remote hosts both by collecting automatically targets as well as by using Shodan.io API. Users can define its platform search queries like Apache, IIS and so forth to gather targets to be attacked. After gathering the targets, the tool uses Metasploit modules of its […]

Pierluigi Paganini February 07, 2018
Researchers ported the NSA  EternalSynergy, EternalRomance, and EternalChampion to Metasploit

Security researcher Sean Dillon ported three NSA-linked exploits, EternalSynergy, EternalRomance, and EternalChampion, to the Metasploit platform. The security researcher at RiskSense Sean Dillon (@zerosum0x0) ported the Rapid7 Metasploit three hacking tools supposedly stolen from the NSA-linked Equation Group. The researcher modified the exploits to use them also against latest windows versions and merged them into the Metasploit […]

Pierluigi Paganini March 22, 2017
New Metasploit RFTransceiver extension allows testing IoT sevices

Metasploit RFTransceiver extension implements the Hardware Bridge API that will allow organizations to test wireless devices operating outside 802.11 spec. Recently we reported the news of the availability of a new hardware bridge for Metasploit extension to test hardware, including IoT devices. We have to consider that IoT devices are pervading our day life such as into […]

Pierluigi Paganini March 05, 2017
Metasploit team released Metasploit Vulnerable Services Emulator

Rapid7 released the Metasploit Vulnerable Services Emulator, a new tool that can be used by IT experts to emulate vulnerable services. Which is the best way to protect a system? You need to think of the system in the attacker’s perspective, for this reason, Metasploit has now a new tool that can be used to […]

Pierluigi Paganini February 03, 2017
Popular hacking toolkit Metasploit adds hardware testing capabilities

The Metasploit hacking toolkit now includes a new hardware bridge that makes it easier for users to analyze hardware devices. The popular offensive hacking toolkit Metasploit now is powerful, it included a hardware bridge to conduct security tests on hardware. It is a great support to the users that have to test hardware, including IoT devices. […]

Pierluigi Paganini February 13, 2015
How to remotely install malicious apps on Android devices

Security researchers discovered how to install and launch malicious applications remotely on Android devices exploiting two flaws. Security researchers have uncovered a couple of vulnerabilities in the Google Play Store that could allow cyber criminals to install and launch malicious apps remotely on Android mobile devices. The expert Tod Beardsley, technical lead for the Metasploit […]