penetration testing
Photo gallery: Black Hat USA 2016 Arsenal
Black Hat USA 2016 is underway at Las Vegas, and here are a few photos from the Arsenal, where the open source community demonstrates tools they develop and use in their daily …
Security awareness training or no, users will keep clicking on dodgy links
There is no way to make humans never click on potentially dangerous links they receive, as the right combination of curiosity, context, and emotions will always beat security …
Nishang: Using PowerShell for penetration testing
Nishang is a framework, and a collection of scripts and payloads which enables PowerShell usage for offensive security, penetration testing and red teaming. The tool is the …
Pwnie Express open sources IoT and Bluetooth security tools
Pwnie Express announced the availability of open sourced versions of its Blue Hydra and Android build system software. The release of these tools enable comprehensive …
Infection Monkey: Test a network from an attacker’s point of view
Infection Monkey, a tool designed to test the resiliency of modern data centers against cyber attacks, was developed as an open source tool by GuardiCore’s research …
Faraday: Collaborative pen test and vulnerability management platform
Faraday is an integrated multi-user penetration testing environment that maps and leverages all the knowledge you generate in real time. It gives CISOs a better overview of …
Tactical exploitation with Warberry Pi
WarBerry Pi was built for red team engagements where it’s essential to obtain as much information as possible in a short period of time, while going undetected. All you need …
Developing Hashcat, a tool for advanced password recovery
As general-purpose computing on graphics processing units (GPGPU) became more viable around 2009, professional software developer Jens “atom” Steube wanted to …
Do you have what it takes to be an independent security consultant?
It doesn’t matter if you’re part of a big enterprise or a small company, you’ve probably wondered at least once what it would be like to work for yourself. Dreams …
Attackers use open source security tools for targeted cyberespionage
Kaspersky Lab researchers have uncovered a new trend among cyberespionage threat actors: instead of developing customized hacking tools or buying them from third-party …
How to automate a custom password dictionary for your pen test
When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. …
The things you discover when you test RF networks
In my work as a penetration tester for SureCloud, I’m often asked to look at unusual, out-of-the-ordinary vulnerabilities. This was the case when a major UK financial …
Featured news
Resources
Don't miss
- SonicWall says attackers compromised some firewall configuration backup files
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform