SecureState Blog

Read SecureState's award winning blog.

Hello Security Community,

Matt Neely here. A few weeks ago I announced that I am now managing SecureState’s Research and Innovation (R&I) team. Today I’d like to announce that I am taking the R&I team in unique direction by reaching out to the security community to help me build my team’s list of projects for next year. The R&I team is best known for the open source offensive security tools we’ve released, such asTermineterEAPeak and various Metasploit modules. However, we’ve also performed product evaluations, created defensive tools, one of which will be publically released soon, and created new methodologies and processes for both attacking and defending systems. We’ll consider any project or idea. The results of a project that originate from the community will go back to the community. Here’s a list of questions to get the ball rolling.

  • What problems do you want the R&I team to tackle?
  • What tools does the security community need created?
  • Do you know of existing open source project that needs a kick of adrenaline to get back on track?
  • Know of an existing security tool that needs better documentation?
  • Do you have a vulnerability you constantly find on penetration test but can’t find working exploit code for it?
  • What vulnerabilities are people having a hard time fixing?
  • What product shoot outs do you want to see?
  • Have an idea for a new Metasploit module or extension?

Have an idea? Submit it here.

I’d also love to team up with other research groups or individuals on projects big and small. If you or your company is interested in teaming up on a project, let me know that as well through the idea submission form.

I encourage people to use valid contact information when you submit a project idea so I can contact you to get clarification on your ideas and, if you like, give you credit if the project is selected. Don’t worry, submitting a project idea will not get you added onto a marketing mail list.

We are also taking a different approach by publishing the list of projects we plan to release to the public so the security community can see what we are working on. You can find the project release schedule on the R&I Tools page, although some projects will have code names to keep them a surprise.

I look forward to seeing the ideas people submit! We’ll update the project list over the next few weeks.