Risk management focus shifts from external to internal exposure
Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, …
penetration testing
5 Kali Linux books you should read this year
Kali Linux is a Linux distribution designed for digital forensics, penetration testing, security research, and reverse engineering. Here is a selection of books for different …
Can your passwords withstand threat actors’ dirty tricks?
Password security hinges on the answer to that seemingly simple question. Unfortunately, you can’t know the answer until you’ve engaged a ruthless penetration tester to find …
SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines …
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web …
Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Packaged apps to set up test labs The …
The past, present and future of Metasploit
Metasploit is the most used penetration testing framework. In this Help Net Security video, Spencer McIntyre, Lead Security Researcher at Rapid7, talks about how Metasploit …
How adversaries are leveraging pentesting tools to launch attacks
In this Help Net Security video, Tony Lambert, Senior Malware Analyst at Red Canary, talks about how adversaries’ favorite tools are legitimate tools that are used for …
Linode + Kali Linux: Added security for cloud instances
Kali Linux, the popular open source Linux distribution specialized for penetration testing, ethical hacking and security auditing, can now be used by Linode customers. Getting …
Mind the gap: How to ensure your vulnerability detection methods are up to scratch
With global cyber crime costs expected to reach $10.5 trillion annually by 2025, it comes as little surprise that the risk of attack is companies’ biggest concern globally. To …
Once is never enough: The need for continuous penetration testing
If you Google “How often should I do penetration testing?”, the first answer that pops up is “once a year.” Indeed, even industry-leading standards like PCI-DSS dictate that …
Metasploit 6.2.0 comes with 138 new modules, 148 enhancements and features
Metasploit is the world’s most used penetration testing framework. It helps security teams verify vulnerabilities, manage security assessments, and improve security awareness. …