<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Erin Bleiweiss &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/author/erin-bleiweiss/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Fri, 13 May 2022 16:52:59 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Metasploit Weekly Wrap-Up</title>
		<link>https://noise.getoto.net/2022/05/13/metasploit-weekly-wrap-up-13/</link>
		
		<dc:creator><![CDATA[Erin Bleiweiss]]></dc:creator>
		<pubDate>Fri, 13 May 2022 16:52:59 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=1c4ebceafc7e54954f827caedb3291da</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Spring4Shell module</h2>
<p>Community contributor <a href="https://github.com/vleminator">vleminator</a> added <a href="https://github.com/rapid7/metasploit-framework/pull/16423">a new module</a> which exploits <a href="https://attackerkb.com/topics/xtgLfwQYBm/cve-2022-22965?referrer=blog">CVE-2022-22965</a>—more commonly known as "Spring4Shell." <a href="https://attackerkb.com/topics/xtgLfwQYBm/cve-2022-22965/rapid7-analysis?referrer=blog">Depending on its deployment configuration</a>, Java Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older can be vulnerable to unauthenticated remote</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/05/metasploit-sky.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Weekly Wrap-Up</title>
		<link>https://noise.getoto.net/2022/02/18/metasploit-weekly-wrap-up-4/</link>
		
		<dc:creator><![CDATA[Erin Bleiweiss]]></dc:creator>
		<pubDate>Fri, 18 Feb 2022 21:24:12 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=682af2364002b8852065c1d4694ed089</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Nagios XI web shell upload module</h2>
<p>New this week is a <a href="https://github.com/rapid7/metasploit-framework/pull/16150">Nagios Web Shell Upload module</a> from Rapid7' own <a href="https://github.com/jbaines-r7">Jake Baines</a>, which exploits <a href="https://attackerkb.com/topics/zxpvqMqOHQ/cve-2021-37343?referrer=blog">CVE-2021-37343</a>. This module builds upon the existing <a href="https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/auxiliary/scanner/http/nagios_xi_scanner.md">Nagios XI scanner</a> written by <a href="https://github.com/ErikWynter">Erik Wynter</a>. Versions of Nagios XI prior to 5.8.5 are vulnerable to a</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/02/metasploit-sky.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up</title>
		<link>https://noise.getoto.net/2021/11/19/metasploit-wrap-up-33/</link>
		
		<dc:creator><![CDATA[Erin Bleiweiss]]></dc:creator>
		<pubDate>Fri, 19 Nov 2021 19:51:17 +0000</pubDate>
				<category><![CDATA[exploits]]></category>
		<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=6b7627c66695872037aec3e9ac981c49</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><h2>Azure Active Directory login scanner module</h2>
<p>Community contributor <a href="https://github.com/k0pak4">k0pak4</a> added a new <a href="https://github.com/rapid7/metasploit-framework/pull/15755">login scanner module for Azure Active Directory</a>. This module exploits a <a href="https://attackerkb.com/topics/rZ1JlQhXhc/cve-2020-16152?referrer=blog">vulnerable</a> authentication endpoint in order to enumerate usernames without generating log events. The error code returned by the endpoint can be used to discover the validity of</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/11/metasploit-fence.png" length="0" type="" />

			</item>
		<item>
		<title>Metasploit Wrap-Up</title>
		<link>https://noise.getoto.net/2021/08/13/metasploit-wrap-up-19/</link>
		
		<dc:creator><![CDATA[Erin Bleiweiss]]></dc:creator>
		<pubDate>Fri, 13 Aug 2021 18:25:09 +0000</pubDate>
				<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Metasploit Weekly Wrapup]]></category>
		<category><![CDATA[penetration-testing]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=3a2793fb5315ee3613661543700b783b</guid>

					<description><![CDATA[Three new modules that deliver RCE on Atlassian Crowd and privilege escalation to SYSTEM via print drivers. Plus, a new command shell session type for SSH clients and plenty more enhancements and fixes.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/08/metasploit-ascii-1.png" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 29/81 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2026-02-09 12:00:39 by W3 Total Cache
-->