Dennis Fisher talks with HD Moore, the founder of the Metasploit Project and the chief security officer at Rapid7, about the evolution of Metasploit, the difficulty of client-side exploitation in the age of DEP and ASLR and the decision on when to publish an exploit.
Dennis Fisher talks with HD Moore, the founder of the Metasploit Project and the chief security officer at Rapid7, about the evolution of Metasploit, the difficulty of client-side exploitation in the age of DEP and ASLR and the decision on when to publish an exploit.
*Podcast audio courtesy of sykboy65
Subscribe to the Digital Underground podcast on
Researchers at Recorded Future report a rise in cracked Cobalt Strike and other open-source adversarial tools with easy-to-use interfaces.
A set of address-spoofing bugs affect users of six different types of mobile browsers, with some remaining unpatched.
A fresh look at the penetration testing tool Metasploit reveals the 15-year old hacking tool still has some tricks up its sleeves, even against modern defenses.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
Anonymous on
Art tho it may be, the pen-test in but only one small facet of the IT management process. Scanned and Fully-patched are still highly susceptible to all matter of threats and misuse. Elevating the pen-test to art form, which by itself won't keep a network fully secure, it akin to milking a cow with satin gloves and claiming product is silky smooth.