Questions tagged [rapid7]

12 questions
1
vote
0 answers

Rapid7 scan has detected issue on static web app deployed on azure and created using ReactJs

Microsoft FrontPage Extensions installed and enabled can have their permissions misconfigured. All issues have been given URLs like below…
1
vote
0 answers

can Velociraptor be integrated with Nexpose?

I'm looking if Velociraptor can be integrated with Nexpose (as a Vulnerability Management System). Any help would be appreciated.
Hesham
1
vote
0 answers

How can I get investigation evidence of Rapid7 insight IDR with rest API?

May I know how I can get Rapid7 idr investigation details with REST API, for example evidence? I know investigation details can be obtained on insightIDR GUI. However for API, there is only a list investigation API - "GET /idr/v1/investigations/". I…
1
vote
0 answers

Is libwebp 0.3.0-3 used by pillow on Centos 7 concerned by CVE-2020-36328?

We scanned the same host (a CentOS Linux release 7.6.1810 (Core)) with two vulnerability scanners (Nessus and Rapid7). Rapid7 reported that libwebp-0:0.3.0-7.el7.x86_64 is vulnerable to CVE-2020-36328. Nessus did not report a vulnerability, the plugin…
vx3r
0
votes
0 answers

Is it possible to use a Swagger Spec file with relative paths to other Swagger spec files for a Rapid7 Scan?

I am trying to set up an application to be scanned using Rapid7 InsightAppSec. It is an ASP.NET Web API, and we maintain a Swagger UI to document the API (thus we are not using something like Swashbuckle to generate the Swagger). Rapid7 supports…
Timothy G.
0
votes
0 answers

Scan vulnerabilities in product having web socket communication

I am new to Application Security. I was provided with Rapid7 Appsec to scan dynamic vulnerabilities in my web based product. Since Appsec crawls to different URLs to identify vulnerabilities, it isn't able to scan my product completely since all of…
Ritveak
0
votes
1 answer

How to remove obsolete PHP packages so that rapid7 stops reporting PHP Vulnerability on Centos7

I'm trying to remove PHP vulnerability on my Centos7 machine that is being reported by rapid7 security scan. I've upgraded from PHP7.1 to PHP7.4 however after another scan, the php71 packages are still being reported. I also ensured that 7.1…
0
votes
0 answers

no IIS installed but Rapid-7 detected X.509 in scanning report

I worked in Dev team and my IT security team shared scanning report and asked me to fix it. Report mentioned that "X.509 Certificate Subject CN Does Not Match the Entity Name" and "Untrusted TLS/SSL server X.509 certificate" on my Database server…
user11968704
0
votes
0 answers

Can we use the Macros in Rapid7 to address the issue Attackers might be trying to steal your information from AAA.com for https URL

I have a URL which is having the protocol https. As we are using the self-signed certificate for SSL we are getting the screen like below in browser. If it is in browser we can access the page by clicking on continue unsafe button. But when we try…
Chandramouli
0
votes
1 answer

Pattern matching in Python InsightConnect workflow

I have a workflow that retrieves a CVE name and number. I can get it to print to Teams just fine as is. However I am attempting to scrape ONLY the CVE number "CVE-2021-XXXXX". When it runs as: import re text ="{{["Get Vulnerability Content from…
Robert
0
votes
1 answer

Clarifications needed on Designing Data Access Object (DAO) Layer - Spring Boot

I am trying to set up a DAO layer for a Spring Boot project, for which I came across this helpful blog. I need some clarity on the below text, especially the part where it says that dependencies must not be implementation classes and that they …
Nishant_Singh
-1
votes
1 answer

Nexpose Kali Linux Install Not Working NeXpose security console exited with code 0

This is the error code shown when I run ./nsc.sh in a root terminal. Nexpose worked properly on first install and I was able to access localhost:3780 with no issues, but after a system reboot it did not work. I already…
dook