penetration testing
Do you have what it takes to be an independent security consultant?
It doesn’t matter if you’re part of a big enterprise or a small company, you’ve probably wondered at least once what it would be like to work for yourself. Dreams …
Attackers use open source security tools for targeted cyberespionage
Kaspersky Lab researchers have uncovered a new trend among cyberespionage threat actors: instead of developing customized hacking tools or buying them from third-party …
How to automate a custom password dictionary for your pen test
When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. …
The things you discover when you test RF networks
In my work as a penetration tester for SureCloud, I’m often asked to look at unusual, out-of-the-ordinary vulnerabilities. This was the case when a major UK financial …
MobSF: Security analysis of Android and iOS apps
The Mobile Security Framework (MobSF) is an open source framework capable of performing end-to-end security testing of mobile applications. MobSF can be used for security …
Web application scanning with Htcap
Htcap is a free web application scanner that can crawl single page applications in a recursive manner by intercepting Ajax calls and DOM changes. The app is focused mainly on …
Smart buildings security: Who’s in charge?
As the Internet of Things became an accepted reality, and the security community realized that they have to get involved in securing it, days without news about the insecurity …
Review: Google Hacking for Penetration Testers, Third Edition
Authors: Johnny Long, Bill Gardner, Justin Brown. Pages: 234. Publisher: Syngress. ISBN: 0128029641. Introduction: The Internet can be a great source of information, and Google …
Inside the largely unexplored world of mainframe security
The security of mainframe computers – the so-called “big iron”, which is mainly used by large organizations for critical applications, bulk data and …
Open source KeeFarce tool loots encrypted passwords stored in KeePass
Denis Andzakovic, a hacker and researcher with New Zealand-based security consultancy Security-Assessment.com, has released the source code for KeeFarce, a tool that can …
Pen-testing drone searches for unsecured devices
You’re sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer …
Next Generation Red Teaming
Author: Henry Dalziel. Pages: 46. Publisher: Syngress. ISBN: 0128041714. Introduction: Do you know the difference between penetration testing and red teaming? This book will explain …