penetration testing
Why automated pentesting won’t fix the cybersecurity skills gap
The modern threat landscape is an enormous challenge for the modern enterprise. Many organizations are “addressing” this by buying the newest security products from the latest …
Kali Linux 2021.2 released: Kaboxer, Kali-Tweaks, new tools, and more!
Offensive Security has released Kali Linux 2021.2, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it. Kali Linux …
Kali Linux team releases Kaboxer, a tool for managing applications in containers
The team behind the popular pentesting Kali Linux distro has released Kaboxer, a tool to help penetration testers use older applications that don’t work on modern …
DevOps didn’t kill WAF, because WAF will never truly die
The web application firewall (WAF) is dead, they say, and DevOps is the culprit, found over the body in the server room with a blade in its hand and splattered code on its …
When the adversarial view of the attack surface is missing, DX becomes riskier
Digital transformation (DX) has become a competitive imperative in most industries. Organizations that fail to make this shift successfully – or in a timely fashion …
Review: The Pentester Blueprint: Starting a Career as an Ethical Hacker
Brough to you by cybersecurity researcher Kim Crawley and pentester and author Phillip L. Wylie, The Pentester Blueprint gives insights into the most common hurdles …
How modern workflows can benefit from pentesting
Pentesting, also known as penetration testing, is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) or network …
MythBusters: What pentesting is (and what it is not)
You’ve probably seen the term pentesting pop up in security research and articles, but do you know what it really means? Simply put, penetration testing is a security …
Penetration testing leaving organizations with too many blind spots
While organizations invest significantly and rely heavily on penetration testing for security, the widely used approach doesn’t accurately measure their overall security …
SniperPhish: An all-in-one open-source phishing toolkit
SniperPhish is an all-in-one open-source phishing toolkit that pentesters and other security professionals can use for setting up and executing email and web-based spear …
MindAPI makes API security research and testing easier
Security researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier. “I love mind maps. …
Kali Linux 2021.1 released: Tweaked DEs and terminals, new tools, Kali ARM for Apple Silicon Macs
Offensive Security has released Kali Linux 2021.1, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it. Kali Linux …