metasploit

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Metasploit finds another way to go commercial

Good luck to them but...We had a pretty bad experience with Rapid7. Their sales force was very high pressure; we were trying to do an eval but every conversation with them was "what can I do to get you to sign the contract today!" I don't know that...

Tags: Sales force management, Metasploit

Discussion threads 2009-10-26

Metasploit finds another way to go commercial

The Metasploit Project has found a way to go commercial without turning its design team into suits, as it was acquired by Rapid7. by Dana Blankenhorn

Tags: Commercial, Dana Blankenhorn, Metasploit, Metasploit Project, Team Management, Management

Blog posts 2009-10-22

Metasploit's HD Moore releases 'war dialing' tools

HD Moore wants to simplify pen-testing and simulated hacking attacks against telephone systems. The Metasploit founder has released WarVOX as a free suite of tools to explore, classify and audit a range of telephone systems, including modems, faxes, voicemail boxes, PBXs, loops, dial tones, IVRs and forwarders....

Tags: Phone, Telephone System, Tool, Metasploit, HD Moore, WarVOX, Moore, Modems, Productivity, Telephony, Telecommunications, VOIP, Fax, Telecom & Utilities, Hardware, Components, Networking, Ryan Naraine

Blog posts 2009-03-06

From Metasploit to Microsoft: Skape goes to Redmond

From Metasploit to Microsoft: Skape goes to RedmondAnyone looked at Metasploit?It will change you view on computer security forever. It's shocking to say the least. A one stop point and click tool run any exploit you can think of and few you can't.

Tags: PRODUCTIVITY, SECURITY, Metasploit, Skape, Microsoft Corp.

Discussion threads 2008-08-18

MetaSploit launches version 3.1, improves Windows GUI, supports iPhone

MetaSploit launches version 3.1, improves Windows GUI, supports iPhoneKeep the iPhone as it isI am a crusader against installing third party applications on iPhones. Let's leave the iphone as it is and use only applications from Apple.Mars M.http://www.iphone-codes.comNokia N800/N810For those who care, the Nokia 800/810 (OS 2008 is a Debian...

Tags: Operating systems, OPEN SOURCE, WIRELESS, Wi-Fi, Microsoft Windows, Apple iPhone, Metasploit, GUI

Discussion threads 2008-01-29

Blue Pill Project extends VM rootkit cat-and-mouse tussle

LAS VEGAS - The intellectual cat-and-mouse tussle over hiding and finding virtual machine rootkits has hit a new gear with a team of researchers dismissing the notion of "100 percent undetectable" malware and the release of source code for a new "Blue Pill" rootkit.As previously reported, Thomas Ptacek, co-founder of...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets, Black Hat

Blog posts 2007-08-02

Remembering five years of vulnerability markets

Guest Editorial by David EndlerWhile compiling some stats this week for our Zero Day Initiative two year anniversary, I came across this recent news article by the Associated Press, Researchers Seek Cash for Software Flaws. It's the latest in a long line of media coverage on the launch of...

Tags: Botnets, Black Hat, Apple, Zero-day attacks, Wireless, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Symantec, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers

Blog posts 2007-08-01

Apple monster update fixes iPhone, Safari, Mac OS X flaws

LAS VEGAS -- Apple has issued a monster update with patches for about 50 security vulnerabilities affecting iPhone, Safari and Mac OS X users.In a race against the clock, the company rushed out iPhone v1.0 with fixes for four different vulnerabilities that could allow hackers to take full control of...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Responsible disclosure, Pen testing, Patch Watch, Open source, Mozilla, Metasploit, McAfee, Hackers, Google, Digital rights management, Data theft, Browsers, Botnets, Black Hat, Apple

Blog posts 2007-07-31

Mozilla fixes its end of URL protocol handling saga

Mozilla has fixed its end of the controversial URL protocol handling vulnerability that puts Windows users at risk of PC takeover attacks.Exactly a week after admitting that Firefox was just as guilty as Internet Explorer when it comes to passing dangerous data to third party applications, the open-source group shipped...

Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Spyware and Adware, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Apple

Blog posts 2007-07-31

Google hires browser hacking guru

Google has snapped up one of the sharpest minds in the hacker community, luring Michal Zalewski to help lock down its long list of Internet facing products.Zalewski, a 26-year-old computer security whiz from Poland, joined the search engine giant about a week ago to work as an Information Security Engineer.He...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat

Blog posts 2007-07-30

Can Trend Micro's botnet identification service make a difference?

Trend Micro today rolled out its SecureCloud software-as-a-service platform with a new Botnet Identification Service BIS to help find botnet command-and-control servers and block communications between them and the zombie PCs they control.Geared towards ISPs and enterprise customers, the botnet ID service can be used to block communication to/from command-and-control...

Tags: Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Microsoft, Passwords, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets

Blog posts 2007-07-30

German hacker denied entry into U.S. for Black Hat training

Thomas Dullien, a prominent security researcher who has been a fixture at the annual Black Hat security conference, has been denied entry into the U.S. to attend and conduct training at this year's confab.Dullien left, a German reverse engineering whiz known in hacker circles as "Halvar Flake," said he was...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Passwords, Microsoft, Metasploit, Hackers, Exploit code, Digital rights management, Data theft, Cisco, Browsers, Botnets, Black Hat

Blog posts 2007-07-29

Some great security apps are still free

Last week, I wrote dismissively about Symantec adding a $29.99 a year price tag on its new Norton AntiBot technology, calling it a bit of a con job to sell all these different security tools to protect users against malware.Well, it turns out that there are some great FREE security...

Tags: Data theft, Browsers, Botnets, Apple, Digital rights management, Exploit code, Firefox, Hackers, McAfee, Metasploit, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Privacy, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Wi-Fi security, Zero-day attacks

Blog posts 2007-07-25

Free utility looks for missing security patches

Secunia has shipped a downloadable version of a free utility that scans Windows machines to find missing software patches.The tool, an enhancement to the Secunia Software inspector (a Web-based scanner I've covered before), can be used to inspect and monitor more than 4,200 different PC applications to flag dangerous vulnerabilities.This...

Tags: Hackers, Metasploit, Spyware and Adware, Botnets, Google, Firefox, Exploit code, Vulnerability research, Patch Watch, Data theft, Browsers, Windows Vista, Pen testing, Apple, Viruses and Worms, Passwords, Open source, Responsible disclosure, Mozilla, Microsoft

Blog posts 2007-07-24

Mozilla caught napping on URL protocol handling flaw

Uh-oh. The latest twist in the URL protocol handling vulnerability saga has left eggs on the faces of the security folks at Mozilla.It turns out that Mozilla's Firefox is just as guilty Microsoft's Internet Explorer when it comes to passing dangerous data to third party applications.Over the last two...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Spyware and Adware, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Open source, Mozilla, Microsoft, Metasploit, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat

Blog posts 2007-07-23

CEO out in Core Security shake-up

Core Security Technologies, one of a handful of companies hawking penetration testing tools to businesses, is looking for a new CEO to replace Paul Paget.According to an analyst report from The 451 Group, there are red flags about the future of Core after news emerged that Paget and product manager...

Tags: Zero-day attacks, Vulnerability research, Spyware and Adware, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Digital rights management, Data theft, Browsers, Botnets, Black Hat

Blog posts 2007-07-23

Code execution exploit dings iPhone

Apple's iPhone has failed the security smell test.Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be used to take full control of an iPhone surfing to a rigged Web site.Dr Charlie Miller, a...

Tags: Wi-Fi security, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Passwords, Mozilla, Microsoft, Metasploit, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple

Blog posts 2007-07-23

Microsoft: 'Very difficult' to block IE attack vector

A member of Microsoft's Internet Explorer team says it is "very difficult" to put protections in place to block the protocol handlers attack vector exposed by the recent IE-to-Firefox code execution vulnerability.Markellos Diorinos, a product manager on the IE team, insists it is the responsibility of the receiving called application...

Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Mozilla, Microsoft, Metasploit, Google, Firefox, Exploit code, Data theft, Browsers, Botnets

Blog posts 2007-07-20

MPack exploit kit creator speaks

SecurityFocus.com reporter Rob Lemos has a fascinating interview with one of the developers of MPack, the exploit kit used in thousands of drive-by malware attacks.In the interview, presented from multiple IRC conversations and edited/reordered for clarity, Lemos does a nice job of peeking behind the dark curtain of exploit writing...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat

Blog posts 2007-07-20

Opera plugs nasty code execution hole

You can add Opera to the list of Web browsers singing the security blues.A new version of the cross-platform browser was released today to plug a highly critical code execution bug in the way Opera integrates support for BitTorrent downloads.The skinny from an iDefense alert:When parsing a specially crafted BitTorrent...

Tags: BitTorrent, Botnets, Browsers, Data theft, Exploit code, Firefox, Hackers, Metasploit, Microsoft, Mozilla, Opera Software ASA, Passwords, Patch Watch, Pen testing, Responsible disclosure, Rootkits, Ryan Naraine, Spyware and Adware, Vulnerability research

Blog posts 2007-07-19