Q&A from April 2020 Customer Webcast on InsightVM Dashboards & Executive Summary Report
Our recent “Seeing 20/20 with InsightVM” customer webcast on InsightVM dashboards and executive summary report was very well-attended, and we...
hacking
Self-XSS – Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code
Self-XSS attack using bit.ly to grab cookies tricking users into running malicious codeHow it works?Self-XSS is a social engineering attack...
Open Sesame – A Tool Which Runs To Display Random Publicly Disclosed Hackerone Reports When Bored
A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.Contains...
Dancing With the Breaches: A Quick Step Through the 2020 Verizon Data Breach Investigations Report (DBIR)
The Verizon Data Breach Investigations Report (DBIR) has been released, reporting its annual summary of (this year) 32,002 incidents, 3,950...
Integrity Is Indispensable: Assessing Partnerships and Performance Metrics in a Crisis Response
On our third installment of Rapid7’s Remote Work Readiness Series, join us as we reflect on how to leverage partnerships...
BlackDir-Framework – Web Application Vulnerability Scanner
Web Application Vulnerability Scanner.Spider DirectoriesFind Sub DomainAdvanced Dorks Search Scan list of Dorks Scan WebSites Reverse Ip Lookup Port ScanInstallation:git...
Sharingan – Offensive Security Recon Tool
Sharingan is a recon multitool for offensive security / bug bountyThis is very much a work in progress and I'm...
Rapid7’s InsightVM Receives Five Stars from SC Magazine
We’re proud to announce that Rapid7’s InsightVM solution was recently reviewed by SC Magazine and received a five-star report. As...
BADlnk – Reverse Shell In Shortcut File (.lnk)
Reverse Shell in Shortcut File (.lnk)How it works?Shortcut file (Microsoft Windows 9.x) LNK is a file extension for a shortcut...
ParamKit – A Small Library Helping To Parse Commandline Parameters
A small library helping to parse commandline parameters (for Windows).Objectives"like Python's argparse but for C/C++"compact and minimalisticeasy to useextendableDemoPrint help...
Hidden-Cry – Windows Crypter/Decrypter Generator With AES 256 Bits Key
Windows Crypter/Decrypter Generator with AES 256 bits keyFeatures:Works on WAN: Port Forwarding by Serveo.netFully Undetectable (FUD) -> Don't Upload to...
Evilreg – Reverse Shell Using Windows Registry Files (.Reg)
Reverse shell using Windows Registry file (.reg).Features:Reverse TCP Port Forwarding using Ngrok.ioRequirements:Ngrok Authtoken (for TCP Tunneling): Sign up at: https://ngrok.com/signupYour...
URLBrute – Tool To Brute Website Sub-Domains And Dirs
What is thisURLBrute is a tool to help you brute forcing website sub-domains and dirs.Can be used with python3 and...
Getdroid – FUD Android Payload And Listener
FUD Android Payload And ListenerRead the license before using any part from this codeMalicious Android apk generator (Reverse Shell)Legal disclaimer:Usage...
DiscordRAT – Discord Remote Administration Tool Fully Written In Python
Discord Remote Administration Tool fully written in Python3.This is a RAT controlled over Discord with over 20 post exploitation modules.Disclaimer:This...
Lockphish – A Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode
Lockphish it's the first tool (05/13/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN...
DalFox (Finder Of XSS) – Parameter Analysis And XSS Scanning Tool Based On Golang
Finder Of XSS, and Dal is the Korean pronunciation of moon. What is DalFoxJust, XSS Scanning and Parameter Analysis tool....
Saycheese – Grab Target’S Webcam Shots By Link
Take webcam shots from target just sending a malicious link.How it works?The tool generates a malicious HTTPS page using Serveo...
Kaiten – A Undetectable Payload Generation
A Undetectable Payload Generation. This tool is for educational purpose only, usage of Kaiten for attacking targets without prior mutual...
How to Simplify InsightConnect Workflows Using Join Step
I think we can all agree that when you are building workflows and setting up automation for your environment with...
Kali Linux 2020.2 Release – Penetration Testing and Ethical Hacking Linux Distribution
We are incredibly excited to announce the second release of 2020, Kali Linux 2020.1.2A quick overview of what’s new since...
Clipboardme – Grab And Inject Clipboard Content By Link
Grab/Inject Clipboard ContentBrowsers are implementing a new JavaScript API for asynchronous clipboard access to integrate copy and paste into web...
Threadtear – Multifunctional Java Deobfuscation Tool Suite
Threadtear is a multifunctional deobfuscation tool for java. Suitable for easier code analysis without worrying too much about obfuscation. Even...
Patch Tuesday – May 2020
Microsoft's fifth Patch Tuesday of the year brings us fixes for 111 different security issues, just a touch under what...
