penetration testing
Pentesting is now central to CISO strategy
Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems. A recent survey of 225 …
Open-source password recovery utility Hashcat 7.0.0 released
Hashcat is an open-source password recovery tool that supports five attack modes and more than 300 highly optimized hashing algorithms. It runs on CPUs, GPUs, and other …
Artemis: Open-source modular vulnerability scanner
Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that …
Cervantes: Open-source, collaborative platform for pentesters and red teams
Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and …
Exposure management is the answer to: “Am I working on the right things?”
In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain …
Are we securing AI like the rest of the cloud?
In this Help Net Security interview, Chris McGranahan, Director of Security Architecture & Engineering at Backblaze, discusses how AI is shaping both offensive and …
We know GenAI is risky, so why aren’t we fixing its flaws?
Even though GenAI threats are a top concern for both security teams and leadership, the current level of testing and remediation for LLM and AI-powered applications isn’t …
XBOW’s AI reached the top ranks on HackerOne, and now it has $75M to scale up
XBOW has raised $75 million in Series B funding to grow its AI-driven offensive security platform. The round was led by Altimeter’s Apoorv Agrawal, with participation from …
Review: Learning Kali Linux, 2nd Edition
Kali Linux has long been the go-to operating system for penetration testers and security professionals, and Learning Kali Linux, 2nd Edition by Ric Messier aims to guide …
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools
OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 …
Researchers warn of ongoing Entra ID account takeover campaign
Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have …
Build a mobile hacking rig with a Pixel and Kali NetHunter
A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter C-deck, and it packs …
Featured news
Resources
Don't miss
- What makes a security program mature and how to get there faster
- EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations
- Win-DDoS: Attackers can turn public domain controllers into DDoS agents
- How Brandolini’s law informs our everyday infosec reality
- From legacy to SaaS: Why complexity is the enemy of enterprise security