penetration testing
Cloud-based fuzzing for zero-day vulnerability discovery
Codenomicon released the Fuzz-o-Matic cloud-based software security Testing-as-a-Service (TaaS) platform for enterprise software and applications running on Windows, Linux, …
Arachni: Web application security scanner framework
Arachni is an open source Web application security scanner framework, a modular framework that allows fast, accurate and flexible vulnerability assessment. In order to …
Is your online bank vulnerable to currency rounding attacks?
In the 12+ years of doing penetration tests against various critical environments, we’ve seen numerous online banking servers and found all sorts of vulnerabilities in …
BackTrack 5 Wireless Penetration Testing
If you're considering a career in penetration testing, you probably already know that BackTrack is the Linux distribution favored by most pentesters due to it being preloaded …
A Bug Hunter’s Diary
For individuals who make a living developing and maintaining software systems, finding bugs in their own code is almost a daily ritual. Working on software developing projects …
Free tool exploits SQL injection vulnerabilities
NT OBJECTives announced NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection …
NetWars to test the skills of infosec professionals
At SANS London 2011, Europe’s largest IT security training event, NetWars will be launched for the first time in the UK. NetWars participants compete in a mock …
The Basics of Hacking and Penetration Testing
Have you always wondered about how penetration testing is performed, but never had the opportunity to ask a professional about it or to witness him (or her) at work? If that's …
New fuzzing platform from Codenomicon
Codenomicon released Defensics X, the latest version of their security and robustness testing software. The update introduces better coverage through infinite test case …
Free Metasploit Community Edition released
Rapid7 launched Metasploit Community Edition: a new free addition to the Metasploit family of software solutions, which help security and IT professionals identify and …
MagicTree: Data management for penetration testers
Have you ever spent ages trying to find the results of a particular portscan you were sure you did? Or grepping through a bunch of files looking for data for a particular host …
BackTrack 5 Wireless Penetration Testing Beginner’s Guide
Wireless technologies are inherently insecure and can be easily broken. BackTrack is a penetration testing and security auditing distribution that comes with a myriad of …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware