Metasploit Framework 6.4 is out now! 🆕🎉 .Features include: .🔹More Kerberos goodness, like support for diamond and sapphire tickets and extract tickets from compromised windows hosts to leverage unconstrained delegation.🔹DNS configuration 1/4.

This week's wrap-up is here with a module for Pretalx Arbitrary File Read/Limited File Write and a Remote for Mac 2025.6 Unauthenticated UDP Keyboard RCE:

Happy Friday, this week's wrap up includes a Netdata ndsudo privilege escalation and another chance to answer our Metasploit User Survey!

👋Fill out our survey! We're here for a good time and a long time, and we'd like to keep it that way 😌.

This week's wrap up includes ESC9, ESC10 and ESC16 support, gMSA password gathering and our Summer Camp schedule for next week in Vegas!

A new proposal from @CMSgov under @DrOz wants to add catheters, ostomy & trach supplies to Medicare’s competitive bidding program. This is a bad idea and will worsen outcomes for seniors & Medicare recipients. My latest in @MedPageToday explains why ⬇️

Happy Friday, folks! Five new modules in this week's wrap-up. Three of them are for Xorcom CompletePBX. Get it here: .

RT @metasploit: Hey everyone, poll time again: Why AREN'T you using Metasploit?.

This week's wrap-up features a *new* Arm64 Windows payload, PandoraFMS Authenticated RCE, and a GraphQL Introspection Scanner.

Hey everyone, poll time again: Why AREN'T you using Metasploit?.

New Skyvern RCE in the wrap-up this week. Get it here:

LLMs are getting better, faster, and smarter, and as they do, we need new ways to use them. Applications build with LLMs have transitioned from asking LLMs to write to letting LLMs drive actions. With that, comes new challenges in developing agentic applications.

RT @metasploit: Hey friends, it's that time again. As a Metasploit user, how would you describe yourself? Add comments if you want to expla….

Hey friends, it's that time again. As a Metasploit user, how would you describe yourself? Add comments if you want to explain!.

Framework offering even faster boot time this week. Get the wrap-up here:

Five new modules in this release, including content for ThinManager, Remote for Mac, Roundcube and more.

This week's wrap-up features support for the SOCKS5H protocol, some additional SOCKS lore, and modules for WordPress Depicter Plugin and Gladinet CentreStack/Triofox.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.