Customer Portal
Connect with Support
Need help? We’ve got you covered. Sign in to the Customer Portal for our top recommended help articles, and to connect with our awesome Support Team.
Create and manage your cases with ease and get routed to the right product specialist.
Having trouble logging in?
- Create your account
- Reset your password via the "Need help signing in" link on the Sign In page.
- Customer Portal FAQs
Customer Support Guidebook
Learn how the Rapid7 Customer Support team can support you and your organization
Help & Docs
Self-Service Help
Training & Certifications
Be awesome at everything you do -- get trained by Rapid7 experts and take your security skills to the next level.
Learn moreConsulting Services
Need a hand with your security program? From planning and strategy to full-service support, our Rapid7 experts have you covered.
- Penetration Testing Services
- Managed Services for Vulnerability Management
- Managed Detection and Response Solution
- IoT Security Services
Read What’s New on the Rapid7 Blog
Metasploit Weekly Wrap-Up 03/01/2024
Metasploit adds an RCE exploit for ConnectWise ScreenConnect and new documentation for exploiting ESC13.
How To Hunt For UEFI Malware Using Velociraptor
UEFI threats have historically been limited in number and mostly implemented by
nation state actors as stealthy persistence. However, the recent proliferation
of Black Lotus on the dark web, Trickbot enumeration module (late 2022), and
Glupteba (November 2023) indicates that this historical trend may be changing.
With this context, it is becoming important for security practitioners to
understand visibility and collection capabilities for UEFI threats
[http://qbkk.ngskmc-eis.net/info/understanding
Metasploit Weekly Wrap-Up 02/23/2024
LDAP Capture module
Metasploit now has an LDAP capture module thanks to the work of
JustAnda7 [http://github.com/JustAnda7]. This work was completed as part of the
Google Summer of Code program.
When the module runs it will by default require privileges to listen on port
389. The module implements a default implementation for BindRequest,
SearchRequest, UnbindRequest, and will capture both plaintext credentials and
NTLM hashes which can be brute-forced offline. Upon receiving a successful Bin
Visit the Customer Portal
File a case, view your open cases, get in touch.