Rapid7
@rapid7
Followers
122,807
Following
2,714
Media
1,958
Statuses
14,581
With Rapid7 technology, services and research, organizations around the globe can break down barriers, accelerate innovation, and securely advance.
Boston, MA
Joined March 2009
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
namjoon
• 345951 Tweets
Linkin Park
• 156583 Tweets
Adalet
• 138014 Tweets
FOR ASIA
• 123469 Tweets
BTS PAVED THE WAY
• 84214 Tweets
Chester
• 81106 Tweets
علي النبي
• 79573 Tweets
小泉進次郎
• 59762 Tweets
Hayırlı Cumalar
• 49643 Tweets
#يوم_الجمعه
• 34670 Tweets
エイリアン
• 32686 Tweets
知的レベル
• 30194 Tweets
資さんうどん
• 29932 Tweets
GRABTOUR LINGORM
• 28507 Tweets
すかいらーく
• 27005 Tweets
大阪府警
• 20282 Tweets
MARK TUAN BD FAN MEETING
• 19993 Tweets
ベイマックス
• 17462 Tweets
Milli Savunma Bakanlığı
• 16324 Tweets
フリーランスの田中
• 13709 Tweets
神ちゃん
• 10898 Tweets
#ガラッとチェンジマン
• 10515 Tweets
Pinned Tweet
Relentless offense and tireless defense. It's a winning recipe in hockey, cybersecurity, and beyond 🏆
@RayBourque77
recently stopped by our Boston HQ – and clearly, he's made himself right at home. See how Rapid7 and
#77
are commanding the attack surface together ⤵️
4
6
35
Read the full case study on the
#IoTsec
baby monitor vulnerabilities we disclosed today:
#iot
http://t.co/UbrKKk4pfL
48
641
1K
We are thrilled to announce that today, the
@NHLBruins
named Rapid7 as their first-ever jersey patch partner and the official cybersecurity partner of the Bruins and
@tdgarden
– beginning with the 2022-23 season.
Read the release here:
56
34
209
🚨 Rapid7's ETR team has begun responding to CVE-2023-27997, a critical RCE vulnerability in Fortinet Fortigate SSL-VPN firewalls.
Fortinet is expected to publish their advisory tomorrow, June 13, 2023. Find mitigation advice & more in our blog:
2
44
96
Metasploit turned 15 this year! Here are the most memorable
@metasploit
moments of 2018.
#HaXmas
0
26
86
We probed more than 3 billion IPv4s and mapped internet exposure around the world. Get the National Exposure Index
2
59
82
You asked, we deliver: Register for the
@Metasploit
community CTF to hack the Linux version of Metasploitable3 (and win prizes). 500 spots. Play starts Monday!
1
56
85
On July 18, Citrix published a security bulletin warning of 3 new vulnerabilities affecting NetScaler ADC and NetScaler Gateway.
CVE-2023-3519, an RCE vulnerability and the most severe of the 3, is known to be exploited in the wild.
More in our blog:
0
43
79
One of
@Metasploit
's strengths is the ability to offer a lingua franca for expressing vulns and exploits.
@todb
underscores this point with a
#HaXmas
story
1
26
73
🛡️ New emergent threat response: "CVE-2022-41080, CVE-2022-41082: Exploitation of 'OWASSRF' in Exchange for RCE". Details and mitigation guidance in our blog below:
1
43
70
Learn how to build your own caller ID spoofer (for more than just prank calling your buddies):
0
29
64
This isn't your average game of Capture the Flag. At
#R7UNITED
, you can hack with
@Metasploit
0
32
64
@Bandrel
@metasploit
@TrevorTheRoach
@egyp7
@HackingDave
We've locked
@metasploit
in a room until they figure this out. Y'know...for Trevor.
3
11
63
CVE-2022-42889, which some have begun calling “Text4Shell,” is a vulnerability in the popular Apache Commons Text library that can result in code execution when processing malicious input.
Read more & find mitigation guidance ⤵️
1
48
64
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. Check out our five-part blog series featuring testimonials of what goes on beneath the hoodie.
1
17
54
Internet researchers, security scholars, and data nerds, have we got something for you! Today we’re unveiling our National/Industry/Cloud Exposure Report (NICER), a data-rich analysis of risk across the internet complete with actionable security advice.
1
32
56
Whether you’re just getting started with
#pentesting
, or simply interested in the basics, this blog for you. Guest author Bo Weaver walks through how to create a secure and portable Kali installation:
1
23
50
Are you an aspiring ethical hacker? Lucky for you, there are many resources available to help you get started!
4
22
47
How to use Windows event logs to detect lateral movement [VIDEO]
http://t.co/82x3cA7e5L
w/
@omgAPT
#DFIR
#rapidWbW
http://t.co/Oflkw0Lzq2
0
37
48
Introducing InsightPhish (beta): Unified phishing simulation, investigation, and analysis from Rapid7
2
31
44
#EternalBlue
: New
@Metasploit
module for MS17-010 developed by contributors
@zerosum0x0
and
@JennaMagius
1
31
42
RT
@metasploit
: Headed to
#DEFCON26
? Find us and the rest of the
@Rapid7
family in the vendor hall selling limited edition
#Metasploit0xf
Anniversary Tour shirts to benefit
@EFF
. Get it.
3
9
40
Thanks to
@RandomDhiraj
for finding and disclosing a Code Execution issue on the Nexpose installer, which we were able to remediate quickly thanks to this report.
4
5
42
We just opened our newest Rapid7 office in Arlington, VA! The Arlington office is inspired by video game platforms and is also home to our security operations center (SOC), where our hardworking team detects and responds to security issues.
8
5
42
Rapid7 researchers discovered 2 high-severity vulnerabilities that, when successfully exploited, can grant attackers persistent root access to F5 device management interfaces.
More from
@TheHackersNews
:
0
19
42
RT
@metasploit
: Headed to
#DEFCON26
? Find us and the rest of the
@Rapid7
family in the vendor hall selling limited edition
#Metasploit0xf
Anniversary Tour shirts to benefit
@EFF
. Get it.
3
12
37
Register for our THREAT HUNT webcast series to learn how to fend off attackers (and ninjas).
0
28
40
We conducted 268 penetration testing service engagements. In this post, we review interesting detection trends, including exactly where our red team found success.
1
28
40
The sky isn't falling, but KRACK deserves some attention. Here's what you need to know:
0
46
40
The start of a new data model for
@Metasploit
: The team landed the beginning of a nifty new backend service for Framework users this week—plus, a windfall of modules and several open roles!
0
20
38
New emergent threat response: "CVE-2022-42475: Unauthenticated Remote Code Execution Vulnerability in FortiOS; Exploitation Reported." More details in the blog post ⤵️
1
18
40
The VENOM vulnerability explained (CVE-2015-3456) [VIDEO]
http://t.co/SLlcURnUmY
#rapid7WbW
http://t.co/ff1xCpJfRg
2
38
36
#DerbyCon
-- heads up! We're giving away Metasploit t-shirts to the first 750 people at the Saturday night party:
http://t.co/Yu3oM4o7Rq
5
14
38
Holiday classics with a Rapid7 twist. 'NOW That's What I Call HaXmas!' is here for your listening pleasure. Happy holidays!
0
26
36
Yesterday, Microsoft published CVE-2022-24527, a local privilege escalation vulnerability in Microsoft Connected Cache. Read more about exploitation and remediation in this blog write up from
@Junior_Baines
:
0
19
35
1
5
32
“This one time on a pen test…” Discover real stories of exposure, exploitability, and execution in the 2018 edition of
#UnderTheHoodie
:
5
31
35
A new research paper from Metasploit and Rapid7 Labs looks at practical exploitation of Java serialization vulnerabilities and internet exposure of Java services.
0
14
34
What is the difference between WAF and RASP? How can you get the most out of both? Learn more about these emerging application security products.
0
9
34
1
46
34
Need a social distancing hobby? This blog gives you an intro to embedded hardware hacking.
0
14
34
Learn how to build your own caller ID spoofer (for more than just prank calling your buddies):
0
11
33
Patching Samba (CVE-2017-7494): Who's affected, how to mitigate, and a word on early data from our labs
1
40
34
Securing IoT devices? Be warned that Universal Asynchronous Receiver Transmitter (UART) ports are often the keys to the kingdom. IoT Research Lead
@Percent_X
talks about the security impact of easily accessible UART on IoT technology:
1
14
28
Rumors of Metasploit 5 development have not been greatly exaggerated. More from
@busterbcook
and team in this week's
@Metasploit
wrap-up:
0
25
32
We’re investigating implications of
#Wassenaar
for Metasploit and security research & expect to participate in the consultation process.
1
60
33
In 2017, 225 new
@Metasploit
modules were developed by the Rapid7 community. Discover more key stats from our past year in review:
0
10
31
💡 Introducing Fetch Payloads to
@Metasploit
!
These simplify & replace some command stager use cases, providing for faster, more intuitive command injection module dev'pment – and offering a useful on-the-fly hacking tool. More in a brand new blog:
0
11
31
Rapid7's Metasploit Framework research team has noticed a marked increase in both CVEs and exploit module PRs for Java serialization vulnerabilities. Security researchers
@_surefire_
and
@jhartftw
delve into exploitation of Java Serialized Objects.
0
15
30
We simulated targeted phishing campaigns at a cybersecurity event attended by 60 CEOs. Here's how they fared.
1
16
29
#NetNeutrality
matters. Today, we stand with
@SenMarkey
and Massachusetts technology leaders to support an open internet. Watch live at 10 AM EST:
#MAnetneutrality
1
14
29
A statement from Rapid7 and CEO Corey Thomas:
Much of the world awoke to the shocking news coming out of Israel this morning.
1
2
31
12 memorable
@Metasploit
moments from 2017 that inspired and connected us with our community around the world (c/o
@busterbcook
)
0
9
29
What’s new with
@metasploit
? Read our blog to know everything you need to about external Metasploit modules.
0
14
30
Whether you’re just getting started with
#pentesting
, or simply interested in the basics, this blog for you. Guest author Bo Weaver walks through how to create a secure and portable Kali installation:
1
13
31
Got SMB?
@_sinn3r
wrote a guide on using
@Metasploit
Pro Task Chains to evaluate SMB server security, autopwn-style:
0
8
31
"Behind every POS system is an outdated OS." Contributes to susceptibility of POS systems for hacking.
@westonhecker
#defcon
1
17
26
Today, we brought together our Boston and Cambridge teams at our brand new headquarters, right next to TD Garden. We're so excited to work and collaborate in this awesome new space!
0
3
30
Which countries are most exposed on the internet? Get Rapid7's National Exposure Index
1
14
28
AppDomain Manager Injection can be a very powerful technique for red teams – operators can package DLLs in initial access payloads, perform lateral movement, and even utilize it for persistence. 🛡
Learn the basics in a new blog:
0
5
29
Last week’s
#Metasploit
Wrapup features a new EternalBlue module in everyone's favorite reptile-brain language, Python! Check it out:
2
22
26
At Rapid7, we condemn racial injustice and inequality and call upon our colleagues and communities to advocate for change together. CEO Corey Thomas shares his thoughts.
1
14
28
Don't let GDPR compliance prep get lost in your December festivities. Use this month to assess and review your security program:
0
6
15
📣 Today, we're pleased to announce the release of
@metasploit
Framework 6.4!
Additional Kerberos capabilities, new session types, improved discoverability & much more – dive into the range of enhancements our team has made in a brand new blog:
0
7
29
.
@indi303
and
@joshcorman
lose their locks to raise money for
@StBaldricks
chrildren's cancer research.
#RSAC2017
#shavesthatsave
3
18
28
Security teams can now link hardware directly into the
@Metasploit
Framework for vulnerability testing:
@OpenGarages
0
26
29
In 2017, Rapid7 released more than 6 TB of internet scan data from Project Sonar to the public via . Get an overview of Sonar here, and then dig into the data yourself.
1
21
28
We're excited to announce the release of
@velocidex
Version 0.6.5, highlighted by better error handling in VQL, multi-lingual localization and table transformations!
Learn more and find out how to join the growing Velociraptor community here:
0
7
28