sigmoid.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A social space for people researching, working with, or just interested in AI!

#metasploit

Viss<p><span class="h-card" translate="no"><a href="https://mstdn.social/@stux" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>stux</span></a></span> heh, yeah the msf folks are pretty fast :D</p><p>years ago i used to chill in <a href="https://mastodon.social/tags/metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metasploit</span></a> on freenode with them all and it was super awesome to be part of the discussion when a new thing landed. </p><p>it was SUPER SUPER COMMON for some crazy bullshit vuln to land at like 9pm on a friday night, and we'd spend all weekend screwing around making payloads.</p><p>the good ol days :D</p>
stux⚡<p>Oh wow, someone already made <a href="https://mstdn.social/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> modules that target CVE-2025-53770 and CVE-2025-53771 in the recent <a href="https://mstdn.social/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> 0-Day vulnerabilities</p>
Tod Beardsley<p>Something like 10 years ago, I noticed that if you looked at the commit counts on <a href="https://infosec.exchange/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> modules, you'd get a good idea of what modules people were actually using and wanting to improve. The idea being, these were modules that pentesters were actually using on site, and something about them bugged someone enough to put in a fix (maybe a missing target, or more options, or whatever).</p><p>I just looked again today after a conversation with <span class="h-card" translate="no"><a href="https://infosec.exchange/@sawaba" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sawaba</span></a></span>, and also looked at <a href="https://infosec.exchange/tags/Nuclei" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nuclei</span></a> templates. Here's the top 10 of each, limited to the last 5 years worth of commits, excluding GitHub actions.</p><p>Whatcha think? 
Interesting?</p><pre><code>exploits/multi/http/papercut_ng_auth_bypass.rb 38<br>exploits/multi/http/open_web_analytics_rce.rb 37<br>exploits/windows/local/bits_ntlm_token_impersonation.rb 37<br>exploits/windows/http/manageengine_adaudit_plus_cve_2022_28219.rb 32<br>exploits/linux/local/sudo_baron_samedit.rb 31<br>exploits/unix/webapp/openmediavault_rpc_rce.rb 29<br>exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb 28<br>exploits/linux/http/empire_skywalker.rb 28<br>exploits/multi/http/log4shell_header_injection.rb 26<br>exploits/windows/http/exchange_proxylogon_rce.rb 26<br><br><br>./http/cves/2019/CVE-2019-17382.yaml 27<br>./http/cves/2021/CVE-2021-40822.yaml 27<br>./http/cves/2023/CVE-2023-27034.yaml 27<br>./http/cves/2021/CVE-2021-43798.yaml 27<br>./http/cves/2023/CVE-2023-32243.yaml 27<br>./http/cves/2021/CVE-2021-40870.yaml 26<br>./network/cves/2016/CVE-2016-3510.yaml 26<br>./http/cves/2021/CVE-2021-28164.yaml 26<br>./network/cves/2020/CVE-2020-1938.yaml 26<br>./http/cves/2022/CVE-2022-23854.yaml 25<br></code></pre>
Cyberkid<p>Metasploit Basics: Your First Stop in Ethical Exploitation 🚂💻🛡️</p><p>The Metasploit Framework is a powerful tool used by ethical hackers and penetration testers to identify and validate security vulnerabilities — all within authorized lab environments.</p><p>🧠 What you'll learn as a beginner:<br>• Launching msfconsole and navigating modules<br>• Using search, use, and show options commands<br>• Exploiting known vulnerabilities (e.g., MS08-067) in test environments<br>• Understanding payloads, listeners, and sessions<br>• Basics of Meterpreter for post-exploitation testing</p><p>🎯 Ideal for cybersecurity learners, OSCP candidates, and red teamers building foundational skills — ethically and safely.</p><p>Disclaimer: This content is intended for educational and ethical use only. Use Metasploit only in lab environments or with explicit permission.</p><p><a href="https://defcon.social/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> <a href="https://defcon.social/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> <a href="https://defcon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://defcon.social/tags/RedTeamTools" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedTeamTools</span></a> <a href="https://defcon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://defcon.social/tags/EducationOnly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EducationOnly</span></a> <a href="https://defcon.social/tags/PenTestReady" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTestReady</span></a> <a href="https://defcon.social/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>OffensiveSecurity</span></a> <a href="https://defcon.social/tags/Meterpreter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Meterpreter</span></a></p>
Cyberkid<p>🛡️ Nmap, Metasploit, Hydra, Mimikatz, Netcat: Overview &amp; Uses 🔍</p><p><a href="https://defcon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> 🛡️ <a href="https://defcon.social/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTesting</span></a> 🎯 <a href="https://defcon.social/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> 💻 <a href="https://defcon.social/tags/Nmap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nmap</span></a> 🔍 <a href="https://defcon.social/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> <a href="https://defcon.social/tags/Hydra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hydra</span></a> 🔑 <a href="https://defcon.social/tags/Netcat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Netcat</span></a> 🌐</p>
Florian<p>Red Alert, we're breaking the <a href="https://infosec.exchange/tags/offSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>offSec</span></a> rule and doing <a href="https://infosec.exchange/tags/metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metasploit</span></a> TWICE! Join me in just under 3 hours as we dig more into the Metasploit <a href="https://infosec.exchange/tags/tryHackMe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tryHackMe</span></a> content, viewed through the lens of <a href="https://infosec.exchange/tags/accessibility" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>accessibility</span></a> as I use and depend on a <a href="https://infosec.exchange/tags/screenReader" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>screenReader</span></a> to do what I do. Curious how <a href="https://infosec.exchange/tags/blind" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blind</span></a> people even computer? 
Come <a href="https://infosec.exchange/tags/AMA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AMA</span></a> over at <a href="https://twitch.tv/IC_Null" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">twitch.tv/IC_Null</span><span class="invisible"></span></a> or <a href="https://youtube.com/@blindlyCoding" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtube.com/@blindlyCoding</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/twitch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>twitch</span></a> <a href="https://infosec.exchange/tags/youtube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>youtube</span></a> <a href="https://infosec.exchange/tags/selfPromo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfPromo</span></a> <a href="https://infosec.exchange/tags/goingLive" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>goingLive</span></a></p>
Florian<p>so... we have been streaming <a href="https://infosec.exchange/tags/accessibility" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>accessibility</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> content for several months now and we haven't even done one on <a href="https://infosec.exchange/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> yet. How about we do that, next? Might even run into some dumb <a href="https://infosec.exchange/tags/tryHackMe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tryHackMe</span></a> misconfigurations that make it unnecessarily difficult for <a href="https://infosec.exchange/tags/blind" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blind</span></a> <a href="https://infosec.exchange/tags/screenReader" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>screenReader</span></a> users, who knows! :) See you in 3 hours over at <a href="https://youtube.com/@blindlyCoding" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtube.com/@blindlyCoding</span><span class="invisible"></span></a> or <a href="https://twitch.tv/IC_Null" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">twitch.tv/IC_Null</span><span class="invisible"></span></a><br>New to all this? I'm a screenreader user who hacks stuff. People often think this is an impossible combination. 
I stream to prove the opposite <a href="https://infosec.exchange/tags/infoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infoSec</span></a> <a href="https://infosec.exchange/tags/disability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>disability</span></a> <a href="https://infosec.exchange/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://infosec.exchange/tags/selfPromo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfPromo</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.space/@ada" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ada</span></a></span> you mean the same <a href="https://infosec.space/tags/UK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UK</span></a> that has its <a href="https://infosec.space/tags/NCA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NCA</span></a> spread <a href="https://infosec.space/tags/cyberfacist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberfacist</span></a> <a href="https://infosec.space/tags/disinfo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>disinfo</span></a> and that refuses to acknowledge <a href="https://infosec.space/tags/Brexit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Brexit</span></a> being orchestrated by <a href="https://infosec.space/tags/liars" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>liars</span></a> that are at best <a href="https://infosec.space/tags/UsefulIdiots" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UsefulIdiots</span></a> if not <a href="https://infosec.space/tags/ForeignAgents" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ForeignAgents</span></a> hell-bent on weakening the west?</p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@kalilinux" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kalilinux</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@metasploit" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>metasploit</span></a></span> <br><a 
href="https://infosec.space/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TorBrowser</span></a> <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> <a href="https://infosec.space/tags/VirtualBox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VirtualBox</span></a> <a href="https://infosec.space/tags/Kali" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kali</span></a> <a href="https://infosec.space/tags/KaliLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KaliLinux</span></a> <a href="https://infosec.space/tags/WifiPineapple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WifiPineapple</span></a> <a href="https://infosec.space/tags/Discord" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Discord</span></a> <a href="https://infosec.space/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a></p>
Metasploit<p>Our team will show off new <a href="https://infosec.exchange/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> Framework features and enhancements at both <a href="https://infosec.exchange/tags/BHUSA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BHUSA</span></a> Arsenal and <a href="https://infosec.exchange/tags/DEFCON" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DEFCON</span></a> Demo Labs this week🐚</p><p>Rapid7 researchers <span class="h-card" translate="no"><a href="https://infosec.exchange/@zeroSteiner" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zeroSteiner</span></a></span> + Jack Heysel will demo Metasploit 6.4's latest, focusing on combinations that allow for new, streamlined attack workflows. Don't miss it!</p>
Metasploit<p>Last week's <a href="https://infosec.exchange/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> release included a new GeoServer unauthenticated RCE module, plus Meterpreter fixes and other enhancements. <a href="https://www.rapid7.com/blog/post/2024/07/19/metasploit-weekly-wrap-up-7-19-2024/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">rapid7.com/blog/post/2024/07/1</span><span class="invisible">9/metasploit-weekly-wrap-up-7-19-2024/</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.lfx.dev/@openssf" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>openssf</span></a></span> personally, I doubt that <em>"<a href="https://infosec.space/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a>"</em> or whatever one puts under it can do that - at best it can just automate <a href="https://infosec.space/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> by throwing <a href="https://infosec.space/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> at it and see what sticks or other known scenarios.</p><ul><li><em>"AI"</em> as of now can't find new exploits and especially not create fixes that are human-readable and thus maintainable code, and I'm sure <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> will - like <em><a href="https://infosec.space/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>curl</span></a></em> - ban automated reports and submissions that are clearly not human-made and just <a href="https://infosec.space/tags/spam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spam</span></a>.</li></ul>
Josh Bressers<p>This <span class="h-card" translate="no"><a href="https://infosec.exchange/@CypherCon" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>CypherCon</span></a></span> <a href="https://infosec.exchange/tags/HackerHistory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerHistory</span></a> we talk to <span class="h-card" translate="no"><a href="https://infosec.exchange/@hdm" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>hdm</span></a></span> about his amazing journey</p><p>We of course cover <a href="https://infosec.exchange/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a>, and IRC shenanigans, and some very old computers</p><p>It's a great conversation!</p><p><a href="https://hackerhistory.com/podcast/the-history-of-hd-moore/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackerhistory.com/podcast/the-</span><span class="invisible">history-of-hd-moore/</span></a></p>
Viss<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@wvu" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>wvu</span></a></span> i miss the irc <a href="https://mastodon.social/tags/metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metasploit</span></a> days back on freenode. it was so rad, looking back, watching some vuln get published and then watch the whole channel light up and for a new module to appear. </p><p>pretty sure that energy is gone now</p>
Metasploit<p><a href="https://infosec.exchange/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> Framework 6.4 is out now 🎉 New features include: </p><p>* Windows <a href="https://infosec.exchange/tags/Meterpreter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Meterpreter</span></a> support for indirect system calls<br>* Windows Meterpreter memory searching<br>* <a href="https://infosec.exchange/tags/Kerberos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kerberos</span></a> improvements (support for Diamond and Sapphire techniques)<br>* DNS configuration and query handling enhancements (minimize DNS leaks!)<br>* New interactive session types (PostgreSQL, MSSQL, MySQL, SMB)<br>* Discoverability improvements for module searching</p><p>Huge thanks to the community and our stellar team for their work developing new features, adding fresh modules, reporting and fixing bugs, and suggesting enhancements. We appreciate you.</p><p><a href="https://www.rapid7.com/blog/post/2024/03/25/metasploit-framework-6-4-released/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">rapid7.com/blog/post/2024/03/2</span><span class="invisible">5/metasploit-framework-6-4-released/</span></a></p>
Caitlin Condon<p>We're pumped to announce the release of <a href="https://infosec.exchange/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> Framework 6.4! 🎉</p><p>This is a feature release that includes:<br>* Windows <a href="https://infosec.exchange/tags/Meterpreter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Meterpreter</span></a> support for indirect system calls<br>* Windows Meterpreter memory searching<br>* <a href="https://infosec.exchange/tags/Kerberos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kerberos</span></a> improvements (support for Diamond and Sapphire techniques)<br>* DNS configuration and query handling enhancements (minimize DNS leaks!)<br>* New interactive session types<br>* Discoverability improvements for module searching<br>* And more!</p><p>Huge thanks to our stellar team led by <span class="h-card" translate="no"><a href="https://infosec.exchange/@zeroSteiner" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zeroSteiner</span></a></span> 🐚 <a href="https://www.rapid7.com/blog/post/2024/03/25/metasploit-framework-6-4-released/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">rapid7.com/blog/post/2024/03/2</span><span class="invisible">5/metasploit-framework-6-4-released/</span></a></p>
SnoopGod<p>SnoopGod Linux: Step by Step Guide <a href="https://mastodon.social/tags/owasp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>owasp</span></a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://mastodon.social/tags/Hacked" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacked</span></a> <a href="https://mastodon.social/tags/viral" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>viral</span></a> <a href="https://mastodon.social/tags/curso" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>curso</span></a> <a href="https://mastodon.social/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://mastodon.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://mastodon.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mastodon.social/tags/kali" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kali</span></a> <a href="https://mastodon.social/tags/META" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>META</span></a> <a href="https://mastodon.social/tags/metadata" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metadata</span></a> <a href="https://mastodon.social/tags/hackingetico" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackingetico</span></a> <a href="https://mastodon.social/tags/metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metasploit</span></a> <a href="https://mastodon.social/tags/meterpreter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>meterpreter</span></a> <a 
href="https://mastodon.social/tags/dmz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dmz</span></a> <a href="https://mastodon.social/tags/honeypot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>honeypot</span></a><br><a href="https://mastodon.social/tags/SnoopGod" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SnoopGod</span></a> <a href="https://mastodon.social/tags/SnoopGodLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SnoopGodLinux</span></a> <a href="https://youtu.be/0I8Y4sRWNBU?si=2QCXAxlXd1vBTNZT" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">youtu.be/0I8Y4sRWNBU?si=2QCXAx</span><span class="invisible">lXd1vBTNZT</span></a></p>
Caitlin Condon<p>Surprise GitHub notifications for 2019 <a href="https://infosec.exchange/tags/Metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metasploit</span></a> issues are kind of a neat little walk down memory lane 🥲 Less neat, but not at all surprising, is that <a href="https://infosec.exchange/tags/EternalBlue" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EternalBlue</span></a> is still being used regularly in 2024.</p>
@ours44 #En Grève 🇵🇸<p><span class="h-card" translate="no"><a href="https://shelter.moe/@fenarinarsa" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>fenarinarsa</span></a></span> Outsourcing of software development, a lack of in-house skills, no independent code audit ... and then people are surprised that there are vulnerabilities like this one.<br>France-Travail is not the only one; many other institutional sites suffer from the same ills.</p><p>Happy <a href="https://mamot.fr/tags/metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metasploit</span></a></p>
Ron Bowes<p>The Rapid7 blog on JetBrains TeamCity is SAVAGE - especially the disclosure timeline. I know from previously working on that team that we tried hard to be friendly and cooperative with vendors.</p><p>The fact that Rapid7 calls them out on their behaviour means it must have been BAD!</p><p><a href="https://infosec.exchange/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> <a href="https://infosec.exchange/tags/poc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>poc</span></a> <a href="https://infosec.exchange/tags/metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metasploit</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p><p><a href="https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">rapid7.com/blog/post/2024/03/0</span><span class="invisible">4/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/</span></a></p>
Ron Bowes<p>A couple weeks ago I got a bit nerdsniped by Mr_Me and dug into a years-old vulnerability in Ivanti Endpoint Manager. The advisory says "code injection", but rumours on social media said "backdoored open source". I had a look around, and wrote up what I discovered:</p><p><a href="https://www.labs.greynoise.io/grimoire/2024-02-what-is-this-old-ivanti-exploit/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">labs.greynoise.io/grimoire/202</span><span class="invisible">4-02-what-is-this-old-ivanti-exploit/</span></a></p><p><a href="https://infosec.exchange/tags/vuln" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuln</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ivanti</span></a> <a href="https://infosec.exchange/tags/backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backdoor</span></a> <a href="https://infosec.exchange/tags/metasploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metasploit</span></a></p>