<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Christophe De La Fuente &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/author/christophe-de-la-fuente/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Fri, 25 Apr 2025 20:03:03 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Metasploit Wrap-Up 04/25/2025</title>
		<link>https://noise.getoto.net/2025/04/25/metasploit-wrap-up-04-25-2025/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 25 Apr 2025 20:03:03 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=79975800ebaa39191598bdc31eba2ad4</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>AD CS workflow improvement with new PKCS12 features</h2>
<p>Given the increasing popularity of AD CS misconfiguration exploitation in recent years, Metasploit has been consistently improving its capabilities in this area. This week’s release introduces a new <code>certs</code> command to the <code>msfconsole</code>, enabling users to manage PKCS12 certificates stored in</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/04/metasploit-ascii-1-2-1.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up 04/18/2025</title>
		<link>https://noise.getoto.net/2025/04/18/metasploit-wrap-up-04-18-2025/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 18 Apr 2025 14:58:06 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=0a6e5947edbce9c8f39a9f69d44c2f76</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Smaller Fetch Payloads</h2>
<p>This week, a significant enhancement was made to the already awesome <a href="https://docs.metasploit.com/docs/development/developing-modules/guides/how-to-use-fetch-payloads.html">fetch payload</a> feature by our very own <a href="https://github.com/bwatters-r7">bwatters-r7</a>. The improvement introduces a new option, <code>PIPE_FETCH</code>, which optimizes the process by serving both the payload and the command to be executed simultaneously.</p>
<p>This enhancement directly addresses</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/04/metasploit-ascii-1-2.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up 02/07/2025</title>
		<link>https://noise.getoto.net/2025/02/07/metasploit-weekly-wrap-up-02-07-2025/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 07 Feb 2025 16:59:24 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=2f77257c5b45f76ee7e49e0ab86cf5a9</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Gathering data and improving workflows</h2>
<p>This week's release includes 2 new auxiliary modules targeting Argus Surveillance DVR and Ivanti Connect Secure. The former, contributed by Maxwell Francis, and based on the work of John Page, can be used to retrieve arbitrary files on the target's filesystem by exploiting an unauthenticated</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/02/metasploit-ascii-1-2.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up 12/06/2024</title>
		<link>https://noise.getoto.net/2024/12/06/metasploit-weekly-wrap-up-12-06-2024/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 06 Dec 2024 20:29:30 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=3937464bd33a0046b1dee86213ad8d5c</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Post-Thanksgiving Big Release</h2>
<p>This week's release is an impressive one. It adds 9 new modules, which will get you remote code execution on products such as Ivanti Connect Secure, VMware vCenter Server, Asterisk, Fortinet FortiManager and Acronis Cyber Protect. It also includes an account takeover on Wordpress, a local privilege</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/12/metasploit-fence.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up 09/27/2024</title>
		<link>https://noise.getoto.net/2024/09/27/metasploit-weekly-wrap-up-09-27-2024/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 27 Sep 2024 19:21:52 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=d48023cba29eaaa91a575e28f8027ce7</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Epic Release!</h2>
<p>This week's release includes 5 new modules, 6 enhancements, 4 fixes and 1 documentation update. Among the new additions, we have an account take over, SQL injection, RCE, and LPE! Thank you to all the contributors who made it possible!</p>
<h2>New Module Content (5)</h2>
<h3>Cisco Smart Software Manager</h3>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/09/metasploit-sky-1.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up 7/19/2024</title>
		<link>https://noise.getoto.net/2024/07/19/metasploit-weekly-wrap-up-7-19-2024/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 19 Jul 2024 16:46:06 +0000</pubDate>
				<category><![CDATA[exploits]]></category>
		<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<category><![CDATA[penetration-testing]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=66905a5ebe9896150f65284658ae9a48</guid>

					<description><![CDATA[A new unauthenticated RCE exploit for GeoServer, plus library and Meterpreter updates and enhancements.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/07/metasploit-sky.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up 07/05/2024</title>
		<link>https://noise.getoto.net/2024/07/05/metasploit-weekly-wrap-up-07-05-2024/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 05 Jul 2024 16:50:27 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=e2914558ea4dc1bf80883be5b83ac42e</guid>

					<description><![CDATA[3 new modules - MOVEit Transfer authentication bypass CVE-2024-5806, Zyxel command injection, and Azure CLI credentials gatherer]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/07/metasploit-blg-3-copy-2.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up 05/03/24</title>
		<link>https://noise.getoto.net/2024/05/03/metasploit-weekly-wrap-up-05-03-24/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 03 May 2024 18:29:09 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=252e49c0a0176edcb64ccffdbcaa7e07</guid>

					<description><![CDATA[This week Metasploit adds an improvement to the windows_secrets_dump module along with a new RCE module targeting CVE-2024-1212 in LoadMaster.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/05/metasploit-fence.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up 03/01/2024</title>
		<link>https://noise.getoto.net/2024/03/01/metasploit-weekly-wrap-up-03-01-2024/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 01 Mar 2024 20:00:49 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=2dc6f837e8553804632a8396f670a550</guid>

					<description><![CDATA[Metasploit adds an RCE exploit for ConnectWise ScreenConnect and new documentation for exploiting ESC13.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/03/metasploit-ascii-1-2.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up</title>
		<link>https://noise.getoto.net/2023/12/01/metasploit-weekly-wrap-up-84/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 01 Dec 2023 18:27:19 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=28c36d915db5aa138c1f20d9a594dd32</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Customizable DNS resolution</h2>
<p>Contributor <a href="https://github.com/smashery">smashery</a> added a new <code>dns</code> command to Metasploit console, which allows the user to customize the behavior of DNS resolution. Similarly to the <code>route</code> command, it is now possible to specify where DNS requests should be sent to avoid any information leak. Before these changes, the</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/12/metasploit-ascii-1-2.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up</title>
		<link>https://noise.getoto.net/2023/10/13/metasploit-weekly-wrap-up-78/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 13 Oct 2023 17:03:36 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=08cbcc9826380b9607437c10732d5b8d</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Pollution in Kibana</h2>
<p>This week, contributor <a href="https://github.com/h00die">h00die</a> added a module that leverages a prototype pollution bug in Kibana prior to version 7.6.3. Particularly, this issue is within the Upgrade Assistant and enables an attacker to execute arbitrary code. This vulnerability can be triggered by sending a queries that</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/10/metasploit-sky.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap up</title>
		<link>https://noise.getoto.net/2023/07/28/metasploit-weekly-wrap-up-67/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 28 Jul 2023 17:25:08 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=ed0c57bd6e74584f047bac2c022e1feb</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Unauthenticated RCE in VMware Product</h2>
<p>This week, community contributor <a href="https://github.com/h00die">h00die</a> added an exploit module that leverages a command injection vulnerability in VMWare Aria Operations for Networks, formerly known as vRealize Network Insight. Versions 6.2 to 6.10 are vulnerable (<a href="https://attackerkb.com/topics/gxz1cUyFh2/cve-2023-20887?referrer=blog">CVE-2023-20887</a>). A remote attacker could abuse the Apache Thrift RPC</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/07/metasploit-ascii-1-2.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up</title>
		<link>https://noise.getoto.net/2022/10/14/metasploit-wrap-up-46/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 14 Oct 2022 17:03:46 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<category><![CDATA[penetration-testing]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=06452152baeafef87319b9037298cfc6</guid>

					<description><![CDATA[Remote code execution modules for Spring Cloud Function and pfSense, plus bug fixes for the Windows secrets dump module.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/10/metasploit-blog-banner-3-small.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up</title>
		<link>https://noise.getoto.net/2022/07/22/metasploit-weekly-wrap-up-23/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 22 Jul 2022 17:08:58 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=d347d06f88a0434bc91b2dc1a77375ec</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>The past, present and future of Metasploit</h2>
<p>Don't miss Spencer McIntyre's talk on the Help Net Security's <a href="https://www.helpnetsecurity.com/2022/07/20/past-present-future-metasploit-video/">blog</a>. Spencer is the Lead Security Researcher at Rapid7 and speaks about how Metasploit has evolved since its creation back in 2003. He also explains how the Framework is addressing today's offensive security</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/07/metasploit-fence-1.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up</title>
		<link>https://noise.getoto.net/2022/05/20/metasploit-weekly-wrap-up-14/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 20 May 2022 19:14:42 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=df545f327bfbc593da87aae7b9428479</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Zyxel firewall unauthenticated command injection</h2>
<p>This week, our very own <a href="https://github.com/jbaines-r7">Jake Baines</a> added an exploit module that leverages <a href="https://attackerkb.com/topics/LbcysnvxO2/cve-2022-30525?referrer=blog">CVE-2022-30525</a>, an unauthenticated remote command injection vulnerability in Zyxel firewalls with zero touch provisioning (ZTP) support. Jake is also the author of the original research and <a href="https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/">advisory</a> that was published last week.</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/05/metasploit-ascii-1-2.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up</title>
		<link>https://noise.getoto.net/2022/02/11/metasploit-wrap-up-40/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 11 Feb 2022 21:07:08 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<category><![CDATA[penetration-testing]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=d214650e6efb584624da76acb1573c1b</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Welcome, Little Hippo: PetitPotam</h2>
<p>Our very own <a href="https://github.com/zeroSteiner">@zeroSteiner</a> <a href="https://github.com/rapid7/metasploit-framework/pull/16136">ported</a> the <a href="https://github.com/topotam/PetitPotam">PetitPotam</a> exploit to Metasploit this week. This module leverages <a href="https://attackerkb.com/topics/TEBmUAfeCs/cve-2021-36942?referrer=blog">CVE-2021-36942</a>, a vulnerability in the Windows Encrypting File System (EFS) API, to capture machine NTLM hashes. This uses the <code>EfsRpcOpenFileRaw</code> function of the Microsoft’s Encrypting File System Remote Protocol API</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/02/metasploit-fence.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up</title>
		<link>https://noise.getoto.net/2021/11/26/metasploit-wrap-up-34/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 26 Nov 2021 17:21:03 +0000</pubDate>
				<category><![CDATA[exploits]]></category>
		<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=db7ac7e9278aed114b1bba8dc96dd124</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Self-Service Remote Code Execution</h2>
<p>This week, our own <a href="https://github.com/wvu-r7">@wvu-r7</a> added an exploit <a href="https://github.com/rapid7/metasploit-framework/pull/15874">module</a> that achieves unauthenticated remote code execution in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution for Active Directory. This new module  leverages a REST API authentication bypass vulnerability identified as <a href="https://attackerkb.com/topics/DMSNq5zgcW/cve-2021-40539?referrer=blog">CVE-2021-40539</a>, where an error</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/11/metasploit-ascii-1-2.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up</title>
		<link>https://noise.getoto.net/2021/09/03/metasploit-wrap-up-22/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 03 Sep 2021 16:30:26 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<category><![CDATA[penetration-testing]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=87258c1dade2252f01c88f01b6b88f78</guid>

					<description><![CDATA[A new SMB server implementation to support capturing NTLM hashes across SMBv2 and SMBv3, even with encrypted SMB traffic. Plus, exploits for eBPF, Git LFS, and Geutebruck IP cameras.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/09/metasploit-ascii-1.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up</title>
		<link>https://noise.getoto.net/2021/07/30/metasploit-wrap-up-17/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 30 Jul 2021 18:04:33 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<category><![CDATA[penetration-testing]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=bc95ac0129efb4be8fd9b532251948ed</guid>

					<description><![CDATA[Five new modules, including an exploit for "HiveNightmare" CVE-2021-36934, and new fixes and enhancements.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/07/metasploit-blg-2-small.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up</title>
		<link>https://noise.getoto.net/2021/02/05/metasploit-wrap-up-6/</link>
		
		<dc:creator><![CDATA[Christophe De La Fuente]]></dc:creator>
		<pubDate>Fri, 05 Feb 2021 19:30:43 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=bccd03f6b72fd7f9410fc063d6f16682</guid>

					<description><![CDATA[This week's edition: Baron Samedit 'sudo' exploit module, OneDrive sync enumeration, and WP credential gathering via Abandoned Cart plugin.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/02/metasploit-blg-3-copy-1.png" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 27/244 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2026-02-09 02:33:32 by W3 Total Cache
-->