This module exploits a remote code execution vulnerability (CVE-2022-33891) of Apache Spark. The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable.

An authenticated user can import a repository from GitHub into GitLab. When importing a GitHub repository the GitLab api client uses Sawyer for handling the responses. This takes a JSON hash and ...

A public exploit module for the BlueKeep Windows vulnerability has been added today to the open-source Metasploit penetration testing framework, developed by Rapid7 in collaboration with the ...

The recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 has been exploited as a zero-day since at least October 10. Malicious exploitation of an Apache ActiveMQ vulnerability ...

Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. Metasploit is a penetration testing framework ...

Attack code for two actively exploited vulnerabilities in Microsoft software, one of which has not yet been patched, was integrated into the open-source Metasploit penetration testing framework. One ...

Metasploit tutorial part 2: Using meterpreter Metasploit tutorial 3 – Database configuration & post exploit affairs Metasploit guide 4: Armitage cyber attack management GUI Social Engineer Toolkit ...

This just got (more) real: Researchers today unleashed exploit code for a pair of newly found vulnerabilities in the popular Web application programming platform Ruby on Rails (RoR), as well as a new ...

Metasploit is a penetration testing framework that makes hacking simple. It’s an essential tool for many attackers and defenders. Point Metasploit at your target, pick an exploit, what payload to drop ...