Tweet
Metasploit continues to expand support for Active Directory Certificate Services (AD CS) attacks, as well as its protocol relaying capability and attack workflows for evergreen vulnerabilities. This year, we added support for SMB-to-LDAP relaying and SMB-to-HTTP relaying, as well as support to identify and exploit a number of AD CS flaws (i.e., ESC vulnerabilities). We’ve also added the new “PoolParty” process injection capability to Windows Meterpreter sessions, along with support for System Center Configuration Manager (SCCM) attack workflows.
We are very excited to demo all of this (and more? come to find out!) during our Demo Labs time slots which can be found below:
The Metasploit Framework can be found here:
https://github.com/rapid7/metasploit-framework/
We are very excited to demo all of this (and more? come to find out!) during our Demo Labs time slots which can be found below:
| DATE | TIME | LENGTH | ROOM |
| 2025-08-08 | 13:00 | 45 MINS | 208 |
| 2025-08-08 | 14:00 | 45 MINS | 208 |
| 2025-08-09 | 15:00 | 45 MINS | 209 |
https://github.com/rapid7/metasploit-framework/