Metasploit Framework 6.4 is out now! 🆕🎉 .Features include: .🔹More Kerberos goodness, like support for diamond and sapphire tickets and extract tickets from compromised windows hosts to leverage unconstrained delegation.🔹DNS configuration 1/4.

New Skyvern RCE in the wrap-up this week. Get it here:

RT @metasploit: Hey friends, it's that time again. As a Metasploit user, how would you describe yourself? Add comments if you want to expla….

Hey friends, it's that time again. As a Metasploit user, how would you describe yourself? Add comments if you want to explain!.

Framework offering even faster boot time this week. Get the wrap-up here:

Five new modules in this release, including content for ThinManager, Remote for Mac, Roundcube and more.

This week's wrap-up features support for the SOCKS5H protocol, some additional SOCKS lore, and modules for WordPress Depicter Plugin and Gladinet CentreStack/Triofox.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

New toys and techniques this week: OPNSense login scanner, Sante PACS Server Path Traversal, SMB to HTTP relay version of Get NAA Creds, and Erlang OTP Pre-Auth RCE Scanner and Exploit!

RT @stephenfewer: In another great body of research from @the_emmons, this disclosure chains 3 new vulns in SonicWall's SMA 100 appliances….

This week we've released a patch for a vulnerability disclosed to us by a longtime community member. A heartfelt thanks to the folks who spend their time on this journey with us. We've also got LAPs support for LDAP module, and an RCE for WonderCMS. Get it here:.

RT @catc0n: Rapid7 MDR has observed exploitation of SAP NetWeaver Visual Composer CVE-2025-31324 in multiple customer environments dating b….

RT @offsectraining: Attention @kalilinux users! In the coming day(s), apt update is going to fail for pretty much everyone. The reason? W….

This Friday brings some awesome updates to AD CS workflows. Users can now manage their PKCS12 certificates with the new `certs` command. Plus we've got modules and almost a dozen enhancements. Get it all here:

Wake up babe, even smaller fetch payloads just dropped:

RCEs. for Spring? Groundbreaking. (Appsmith, Pandora FMS, Oracle Access Manager, pgAdmin) 🌷.