7 min
Metasploit
Hiding Metasploit Shellcode to Evade Windows Defender
Being on the offensive side in the security field, I personally have a lot of
respect for the researchers and engineers in the antivirus industry, and the
companies dedicated to investing so much in them. If malware development is a
cat-and-mouse game, then I would say that the industry creates some of the most
terrifying hunters. Penetration testers and red teamers suffer the most from
this while using Metasploit [https://www.rapid7.com/products/metasploit/], which
forced me to look into how to
7 min
Haxmas
The Twelve Pains of Infosec
One of my favorite Christmas carols is the 12 Days of Christmas
[https://www.youtube.com/watch?v=oyEyMjdD2uk]. Back in the 90's, a satire of the
song came out in the form of the 12 Pains of Christmas
[https://www.youtube.com/watch?v=h4NlR5KQLQ8], which had me rolling on the floor
in laughter, and still does. Now that I am in information security, I decided it
is time for a new satire, maybe this will start a new tradition, and so I am
presenting, the 12 Pains of Infosec.
----------------------
5 min
Antivirus
Finding and Protecting mission-critical assets with ControlsInsight
ControlsInsight helps organizations measure how well critical security controls
are deployed and configured throughout the enterprise. Yet, as hard you may
try, it's extremely difficult to protect every asset on your network perfectly,
and it's often necessary to prioritize "misson-critical" assets that store
important or sensitive business data. Clearly, securing the laptop computer of
Sally, the chief financial officer, is much more important than securing Joe the
intern's laptop, which prob
3 min
Antivirus
UserInsight's New User Statistics Provide Great Visibility for Incident Responders
Nate Silver made statistics sexy, and we're riding that wave. But seriously,
breaking down some of the more noisy alerts on the network by users and showing
you spikes can really help you detect and investigate unusual activity. That's
why we've built a new UserInsight feature that shows you anti-virus alerts,
vulnerabilities, firewall activity, IDS/IPS alerts, and authentications by users
that show the most activity and enable you to dig in deeper by filtering by
user. You can get to the new st
7 min
Antivirus
12 Days of HaXmas: A Cat and Mouse Game Between Exploits and Antivirus
This post is the twelfth, and last, in a series, 12 Days of HaXmas, where we
take a look at some of the more notable advancements in the Metasploit Framework
over the course of 2013.
In the final episode of 12 Days of HaXmas, we'll talk about the holy war between
browser exploits vs antivirus. It will sound a little biased from time to time,
but note that It is not meant to compare who is better -- I don't have the
resources to compare the entire matrix of AV solutions
[https://en.wikipedia.or
8 min
Metasploit
The Odd Couple: Metasploit and Antivirus Solutions
I hear a lot of questions concerning antivirus evasion with Metasploit, so I'd
like to share some the information critical to understanding this problem. This
blog post is not designed to give you surefire antivirus (AV) evasion
techniques, but rather to help you understand the fundamentals of the issue.
A Quick Glossary
Before we begin, let's define a few terms. This will be important for
understanding some of the things we will discuss.
Payload: A payload is the actual code that is being del
1 min
Antivirus
Become invisible to anti-virus protection
Wouldn't it be fantastic to be invisible for a day? Walk straight into a bank
vault in the morning, be a fly on the wall in the Oval Office for lunch, and
spend an evening in your favorite movie star's house. Well, now you can - with
Metasploit!
We tested our Metasploit invisibility cloak on a field day recently. Our venue
of choice: an anti-virus test lab. The goal was to test how well Metasploit's
anti-virus protection would hold up against the most recent versions of the
world's top ten a