Ethical hacking & pentesting blog

Come for the PoCs and security research focused on new CVEs and stay for the ethical exploitation guides and how-tos our offensive security specialists create.

Security research
How we built an exploit for SessionReaper, CVE-2025-54236 in Magento 2 & Adobe Commerce
Author(s)
David Bors,
Matei "Mal" Badanoiu (aka CVE Jesus)
Published at
22 Oct 2025
Updated at
24 Oct 2025
Hacking tutorials
How web cache poisoning works and how to exploit it
Author(s)
Sacha Iakovenko
Published at
22 Jul 2025
Updated at
23 Jul 2025
Community wisdom
What the experts say: Machine learning in offensive security
Author(s)
Alice Teodorescu
Published at
26 Jun 2025
Updated at
16 Jul 2025
Security research
When severity scores mislead - the case against single-metric risk models
Author(s)
Iulian Tita
Published at
25 Jun 2025
Updated at
25 Jun 2025
Milestones
Beyond the hype: how we built a machine-learning classifier (and refused to call It AI)
Author(s)
Stefan Bratescu,
Cosmin Petrescu
Published at
18 Jun 2025
Updated at
03 Jul 2025
Milestones
How we cut web fuzzing FPs by 50% using Machine Learning
Author(s)
Stefan Bratescu,
Cosmin Petrescu
Published at
18 Jun 2025
Updated at
12 Aug 2025
Hacking tutorials
Beyond passive and active - a modern approach to network reconnaissance
Author(s)
Sacha Iakovenko
Published at
27 Mar 2025
Updated at
12 Aug 2025
Security research
Next.js security alert - how to attack and fix CVE-2025-29927
Author(s)
Iulian Tita
Published at
24 Mar 2025
Updated at
29 Jul 2025
Security research
How to extract TLS secrets from Android apps using Frida and Wireshark
Author(s)
David Bors
Published at
14 Mar 2025
Updated at
14 Mar 2025
Security research
Buffer Overflows and Authentication Bypasses - exploiting CVE-2025-0282 and CVE-2024-55591
Author(s)
Iulian Tita
Published at
28 Feb 2025
Updated at
28 Feb 2025
Security research
Unpacking LDAPNightmare (CVE-2024-49113 and CVE-2024-49112)
Author(s)
David Bors,
Catalin Iovita,
Iulian Tita
Published at
28 Jan 2025
Updated at
28 Jan 2025
Milestones
Year in review: 2024 on Pentest-Tools.com
Author(s)
Andra Zaharia
Published at
24 Dec 2024
Updated at
27 Mar 2025
Hacking tutorials
Cross-site WebSocket hijacking: understanding and exploiting CSWSH
Author(s)
Sacha Iakovenko
Published at
30 Oct 2024
Updated at
05 Nov 2024
Milestones
How and why we built the Kubernetes Vulnerability Scanner
Author(s)
David Bors
Published at
27 Sep 2024
Updated at
10 Oct 2024
Community wisdom
70+ hacking books to level up your skills and thinking
Author(s)
Ioana Rijnetu,
Andra Zaharia
Published at
08 Jul 2024
Updated at
08 Jul 2024
Security research
What is CVE-2024-6387? Understand RegreSSHion, the OpenSSH vulnerability
Author(s)
David Bors
Published at
02 Jul 2024
Updated at
11 Jul 2024
Community wisdom
12 essential ethical hacking newsletters to read
Author(s)
Ioana Rijnetu
Published at
06 Jun 2024
Updated at
07 Jun 2024
Security research
How these vulnerabilities pushed offensive security forward
Author(s)
Kelyan Yesil
Published at
04 Jun 2024
Updated at
12 Aug 2025
Security research
Benchmarking our Website Vulnerability Scanner and 5 others
Author(s)
Alexandru Postolache
Published at
30 May 2024
Updated at
26 Jun 2024
Security research
Benchmarking our Network Vulnerability Scanner and 6 others
Author(s)
Daniel Bechenea
Published at
23 May 2024
Updated at
13 Aug 2024
Community wisdom
8 effective strategies for building trust in ethical hacking engagements
Author(s)
Ioana Rijnetu
Published at
11 Apr 2024
Updated at
12 Apr 2024
We think we know podcast
We think we know hackers thrive on deep environment knowledge
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
09 Apr 2024
Updated at
09 Apr 2024
Security research
CVE-2024-3094 - The XZ Utils Backdoor, a critical SSH vulnerability in Linux
Author(s)
David Bors
Published at
02 Apr 2024
Updated at
02 Jul 2024
We think we know podcast
We think we know you can't attack what you don't understand
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
26 Mar 2024
Updated at
26 Mar 2024
We think we know podcast
We think we know what makes a good pentester
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
12 Mar 2024
Updated at
12 Aug 2025
We think we know podcast
We think we know what it takes to build hacking tools
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
27 Feb 2024
Updated at
06 Mar 2024
We think we know podcast
We think we know our mind is our best hacking tool
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
13 Feb 2024
Updated at
28 Feb 2024
Hacking tutorials
Mastering the essentials of API security with examples for OWASP Top 10 for APIs
Author(s)
Kelyan Yesil
Published at
09 Feb 2024
Updated at
10 Jun 2024
We think we know podcast
We think we know what it feels like when we do a good job
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
30 Jan 2024
Updated at
28 Feb 2024
Community wisdom
Offensive security pros share how ChatGPT impacts their work
Author(s)
Kelyan Yesil
Published at
17 Jan 2024
Updated at
27 Mar 2025
We think we know podcast
We think we know how to build differentiating skills in offsec
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
16 Jan 2024
Updated at
27 Mar 2025
We think we know podcast
We think we know the value of first principles in offensive security
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
02 Jan 2024
Updated at
28 Feb 2024
Security research
Securing your Laravel application: A comprehensive guide
Author(s)
Cosmin Coman,
Cosmin Paunica
Published at
28 Dec 2023
Updated at
06 Apr 2025
Milestones
Year in review: 2023 on Pentest-Tools.com
Author(s)
Andra Zaharia
Published at
22 Dec 2023
Updated at
27 Dec 2023
Security research
Roundcube: exfiltrating emails with CVE-2021-44026
Author(s)
Catalin Iovita,
Robert Ismana,
Alexandru Postolache
Published at
22 Dec 2023
Updated at
22 Dec 2023
Security research
The Pentest-Tools.com vulnerability research manifesto
Author(s)
Andra Zaharia
Published at
21 Dec 2023
Updated at
08 Jan 2024
We think we know podcast
We think we know hacking is a tool for deeper change
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
19 Dec 2023
Updated at
28 Feb 2024
We think we know podcast
We think we know offensive security is an infinite game (and why)
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
05 Dec 2023
Updated at
01 Mar 2024
We think we know podcast
We think we know how to give pentest clients what they really need
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
21 Nov 2023
Updated at
28 Feb 2024
Security research
From bypass to breach: how to get RCE in Confluence's latest CVEs
Author(s)
David Bors
Published at
14 Nov 2023
Updated at
11 Dec 2023
We think we know podcast
We think we know how to explain the value of a penetration test
Author(s)
Andra Zaharia,
Ioana Rijnetu
Published at
07 Nov 2023
Updated at
28 Feb 2024
Hacking tutorials
How to perform authenticated website scans with Pentest-Tools.com
Author(s)
Cristin Sirbu
Published at
06 Oct 2023
Updated at
04 Sep 2025
Security research
3 initial access tactics to simulate in your penetration tests
Author(s)
Catalin Iovita
Published at
29 Sep 2023
Updated at
15 Oct 2024
Community wisdom
How these offensive security books changed their readers - and their authors
Author(s)
Ioana Rijnetu,
Andra Zaharia
Published at
13 Sep 2023
Updated at
12 Aug 2025
Security research
Breaking down the 5 most common SQL injection attacks
Author(s)
Satyam Singh,
Kelyan Yesil
Published at
01 Sep 2023
Updated at
29 Apr 2024
Security research
10 Practical scenarios for XSS attacks
Author(s)
Satyam Singh,
Iulian Birlica
Published at
07 Jul 2023
Updated at
14 Aug 2025
Community wisdom
Pro tips from 10 ethical hackers for stellar reports
Author(s)
Ioana Rijnetu
Published at
05 May 2023
Updated at
30 Apr 2024
Security research
Why this 14-year-old heap corruption vulnerability in MS Word is still relevant
Author(s)
Kelyan Yesil
Published at
18 Apr 2023
Updated at
28 Nov 2023
Security research
Log4J - why some CVEs (almost) never disappear
Author(s)
Kelyan Yesil
Published at
07 Apr 2023
Updated at
08 Mar 2024
Security research
The most exploited vulnerabilities in 2022
Author(s)
Kelyan Yesil
Published at
16 Mar 2023
Updated at
10 Jun 2024
Security research
Thinking outside the box: 3 creative ways to exploit business logic vulnerabilities in pentests
Author(s)
Razvan Ionescu
Published at
02 Mar 2023
Updated at
15 Oct 2024
Security research
How supply chain attacks work and 7 ways to mitigate them
Author(s)
Iulian Tita
Published at
20 Feb 2023
Updated at
09 Apr 2024
Security research
100+ essential penetration testing statistics [2023 edition]
Author(s)
Ioana Rijnetu
Published at
13 Feb 2023
Updated at
14 Aug 2025
Security research
Phishing a company through a 7-Zip misconfiguration
Author(s)
Kelyan Yesil
Published at
19 Jan 2023
Updated at
15 Oct 2024
Security research
How the DMARC email security protocol can take down an entire company
Author(s)
Kelyan Yesil
Published at
13 Dec 2022
Updated at
10 Apr 2023
Community wisdom
17 Infosec pros talk about the future of penetration testing
Author(s)
Ioana Rijnetu
Published at
25 Nov 2022
Updated at
27 Mar 2025
Security research
Everything you need to know about the new OpenSSL vulnerabilities (CVE-2022-3602 & CVE-2022-3786)
Author(s)
Kelyan Yesil
Published at
18 Nov 2022
Updated at
29 Apr 2024
Hacking tutorials
How to conduct a full network vulnerability assessment
Author(s)
Daniel Bechenea
Published at
24 Aug 2022
Updated at
14 Aug 2025
Security research
Authenticated Magento RCE with deserialized PHAR files
Author(s)
Alexandru Postolache
Published at
03 Aug 2022
Updated at
29 Apr 2024
Platform updates
Visualize exploit paths with the Sniper network graph
Author(s)
Andra Zaharia
Published at
23 Jun 2022
Updated at
24 May 2024
Security research
How to manually detect CVE-2022-21371 in Oracle WebLogic Servers
Author(s)
Catalin Iovita
Published at
16 May 2022
Updated at
29 Apr 2024
Platform updates
April updates: Get RCE evidence for 6 critical CVEs
Author(s)
Ioana Rijnetu
Published at
05 May 2022
Updated at
06 Oct 2022
Security research
How to exploit Zabbix Unsafe Session Storage (CVE-2022-23131)
Author(s)
Published at
14 Apr 2022
Updated at
30 Apr 2024
Platform updates
March updates: Spring4Shell: find and confirm exploitable targets and more updates
Author(s)
Ioana Rijnetu
Published at
11 Apr 2022
Updated at
30 Apr 2024
Security research
How to manually detect and exploit Spring4Shell (CVE-2022-22965)
Author(s)
Stefan Iridon
Published at
11 Apr 2022
Updated at
01 Apr 2024
Platform updates
February updates: run deeper, more comprehensive scans
Author(s)
Ioana Rijnetu
Published at
16 Mar 2022
Updated at
11 Dec 2023
Security research
How to detect and exploit Citrix ADC and Citrix Gateway (CVE-2020-8194)
Author(s)
Catalin Filip
Published at
10 Mar 2022
Updated at
18 Jul 2023
Security research
How to exploit a Remote Code Execution vulnerability in Laravel (CVE-2021-3129)
Author(s)
Iulian Tita
Published at
03 Mar 2022
Updated at
30 Apr 2024
Security research
How to exploit the HTTP.sys Remote Code Execution vulnerability (CVE-2022-21907)
Author(s)
Stefan Iridon
Published at
28 Feb 2022
Updated at
13 Apr 2023
Platform updates
January updates: new pentest robots and stronger integration
Author(s)
Ioana Rijnetu
Published at
18 Feb 2022
Updated at
25 Jul 2022
Milestones
Behind the scenes – an interview with Adrian Furtuna, our founder and CEO
Author(s)
Ioana Rijnetu
Published at
16 Feb 2022
Updated at
14 Oct 2024
Security research
How to detect and exploit the Oracle WebLogic RCE (CVE-2020-14882 & CVE-2020-14883)
Author(s)
Catalin Iovita
Published at
02 Feb 2022
Updated at
01 Apr 2024
Security research
How to detect and exploit CVE-2021-26084, the Confluence Server RCE
Author(s)
Iulian Tita
Published at
31 Jan 2022
Updated at
24 Mar 2023
Security research
How to exploit the VMware vCenter RCE with Pentest-Tools.com (CVE-2021-21985)
Author(s)
Stefan Iridon
Published at
25 Jan 2022
Updated at
13 Apr 2023
Platform updates
December updates: 6 new ways to make your workflow smoother
Author(s)
Ioana Rijnetu
Published at
20 Jan 2022
Updated at
29 Apr 2024
Milestones
Year in review: 2021 on Pentest-Tools.com
Author(s)
Andra Zaharia
Published at
28 Dec 2021
Updated at
15 Oct 2024
Security research
How we detect and exploit Log4Shell to help you find targets using vulnerable Log4j versions
Author(s)
Adrian Furtuna
Published at
17 Dec 2021
Updated at
15 Oct 2024
Platform updates
November updates for powerful workflows, including detection for Log4Shell
Author(s)
Ioana Rijnetu
Published at
16 Dec 2021
Updated at
15 Oct 2024
Security research
Log4Shell scanner: detect and exploit Log4j CVE-2021-44228 in your network and web apps
Author(s)
Daniel Bechenea
Published at
14 Dec 2021
Updated at
13 Apr 2023
Security research
How to detect the Zoho ManageEngine ADSelfService Plus RCE (CVE-2021-40539)
Author(s)
Catalin Filip
Published at
13 Dec 2021
Updated at
18 Jul 2023
Security research
Detect and exploit Gitlab CE/EE RCE with Pentest-Tools.com (CVE-2021-22205)
Author(s)
Daniel Bechenea
Published at
05 Nov 2021
Updated at
12 Jul 2023
Milestones
We’re leveling up! Check out the new website and brand update!
Author(s)
Andra Zaharia
Published at
03 Nov 2021
Updated at
15 Oct 2024
Platform updates
Detect & exploit the latest CVEs + more automation updates
Author(s)
Ioana Rijnetu
Published at
05 Oct 2021
Updated at
29 Apr 2024
Hacking tutorials
How to detect CVE-2021-22986 RCE with Pentest-Tools.com
Author(s)
Cristian Cornea
Published at
21 Sep 2021
Updated at
29 Apr 2024
Platform updates
Detect critical CVEs, scan stats + more updates
Author(s)
Ioana Rijnetu
Published at
14 Sep 2021
Updated at
29 Apr 2024
Milestones
Behind the Tools: Răzvan Ionescu on the growth mindset, insatiable curiosity, and being comfortable with change in ethical hacking
Author(s)
Ioana Rijnetu
Published at
03 Sep 2021
Updated at
18 Oct 2023
Platform updates
Detect ProxyShell (pre-auth Microsoft Exchange RCE) with Pentest-Tools.com
Author(s)
Andra Zaharia
Published at
11 Aug 2021
Updated at
29 Apr 2024
Security research
6 techniques for account enumeration in a penetration test [demo included]
Author(s)
Cristian Cornea
Published at
20 Jul 2021
Updated at
10 Jul 2022
Platform updates
OWASP & CWE vuln classifcation added, wordlist limit increased, and more updates
Author(s)
Ioana Rijnetu
Published at
11 Jun 2021
Updated at
29 Apr 2024
Platform updates
Detect Microsoft Exchange RCE #proxynotfound with our Network Vulnerability Scanner
Author(s)
Andra Zaharia
Published at
13 May 2021
Updated at
29 Apr 2024
Platform updates
New modules, methods & payload - April updates
Author(s)
Ioana Rijnetu
Published at
23 Apr 2021
Updated at
29 Apr 2024
Security research
How to detect VMware vCenter RCE with Pentest-Tools.com (CVE-2021-21972)
Author(s)
Daniel Bechenea
Published at
19 Apr 2021
Updated at
24 Mar 2023
Hacking tutorials
How to detect sensitive data exposure with Pentest-Tools.com
Author(s)
Cristian Cornea
Published at
14 Apr 2021
Updated at
29 Apr 2024
Hacking tutorials
How to detect broken authentication with Pentest-Tools.com
Author(s)
Cristian Cornea
Published at
07 Apr 2021
Updated at
29 Apr 2024
Hacking tutorials
How to do a full website vulnerability assessment with Pentest-Tools.com
Author(s)
Daniel Bechenea
Published at
31 Mar 2021
Updated at
14 Aug 2025
Platform updates
Run laser-focused scans with these 5 platform updates
Author(s)
Ioana Rijnetu
Published at
22 Mar 2021
Updated at
29 Apr 2024
Hacking tutorials
How to detect injection flaws with Pentest-Tools.com
Author(s)
Cristian Cornea
Published at
19 Mar 2021
Updated at
29 Apr 2024
Platform updates
4 platform updates you need to know about
Author(s)
Ioana Rijnetu
Published at
21 Feb 2021
Updated at
15 Oct 2024
Milestones
Why Pentest Robots are rocket fuel for pentesters, not their replacement
Author(s)
Andra Zaharia
Published at
10 Dec 2020
Updated at
17 Apr 2025
Platform updates
Work like a pro: 4 automation updates to save time and simplify your workflow
Author(s)
Ioana Rijnetu
Published at
17 Nov 2020
Updated at
29 Apr 2024
Security research
Discover how dangerous a ‘Bad Neighbor’ can be - TCP/IP Vulnerability (CVE-2020-16898)
Author(s)
Cristian Cornea
Published at
03 Nov 2020
Updated at
18 Jul 2023
Platform updates
Work smarter, not harder: 5 updates to enhance automation
Author(s)
Ioana Rijnetu
Published at
26 Oct 2020
Updated at
07 Jul 2022
Security research
Why Zerologon is the silent threat in your network
Author(s)
Cristian Cornea
Published at
21 Oct 2020
Updated at
18 Jul 2023
Milestones
Why we continue to support young people find their way in infosec
Author(s)
Ioana Rijnetu
Published at
15 Oct 2020
Updated at
16 Jan 2023
Platform updates
4 updates for next-level automation in security testing
Author(s)
Ioana Rijnetu
Published at
05 Oct 2020
Updated at
18 Jul 2023
Platform updates
[New feature] Discover your Network’s Attack Surface
Author(s)
Ioana Rijnetu
Published at
18 Sep 2020
Updated at
02 Aug 2022
Platform updates
New VPN agent formats, API methods, filters & other updates
Author(s)
Ioana Rijnetu
Published at
25 Aug 2020
Updated at
07 Jul 2022
Security research
Find out why lower-severity vulns are the bigger pain
Author(s)
Ioana Rijnetu
Published at
29 Jul 2020
Updated at
07 Jul 2022
Platform updates
2FA, email scan notifications & more updates
Author(s)
Ioana Rijnetu
Published at
27 Jul 2020
Updated at
29 Apr 2024
Platform updates
[New scanner] Detect vulnerable F5 BIG-IP devices with Pentest-Tools.com
Author(s)
Ioana Rijnetu
Published at
20 Jul 2020
Updated at
07 Jul 2022
Security research
The 17-year-old DNS vulnerability that leads to RCE in Windows
Author(s)
Cristian Cornea
Published at
17 Jul 2020
Updated at
30 Apr 2024
Security research
How to attack F5 BIG-IP using CVE-2020-5902 (TMUI RCE)
Author(s)
Cristian Cornea
Published at
08 Jul 2020
Updated at
10 Jun 2024
Security research
How to chain SMBleed and SMBGhost to get RCE in Windows 10
Author(s)
Cristian Cornea
Published at
07 Jul 2020
Updated at
01 Apr 2024
Platform updates
New filters for Findings, Import targets with descriptions & more updates
Author(s)
Ioana Rijnetu
Published at
19 Jun 2020
Updated at
29 Apr 2024
Security research
How to exploit the DotNetNuke Cookie Deserialization
Author(s)
Cristian Cornea
Published at
10 Jun 2020
Updated at
13 Apr 2023
Platform updates
[New feature] Scan internal networks with the VPN Agent
Author(s)
Ioana Rijnetu
Published at
05 Jun 2020
Updated at
30 Apr 2024
Security research
How to exploit the PHAR deserialization vulnerability
Author(s)
Alexandru Postolache
Published at
29 May 2020
Updated at
29 Apr 2024
Platform updates
Jira integration, Export results as JSON & more platform updates
Author(s)
Ioana Rijnetu
Published at
17 Apr 2020
Updated at
15 Oct 2024
Security research
How to detect the Microsoft SMBGhost vulnerability with Pentest-Tools.com
Author(s)
Ioana Rijnetu
Published at
23 Mar 2020
Updated at
13 Apr 2023
Platform updates
[New scanners] Detect SMBGhost and Ghostcat vulnerabilities with Pentest-Tools.com
Author(s)
Ioana Rijnetu
Published at
18 Mar 2020
Updated at
19 May 2023
Platform updates
[New enterprise feature] Add sub-users and share your Pentest-Tools.com plan
Author(s)
Ioana Rijnetu
Published at
11 Mar 2020
Updated at
30 Apr 2024
Hacking tutorials
How to simulate phishing attacks with the HTTP Request Logger
Author(s)
Razvan Ionescu
Published at
20 Feb 2020
Updated at
29 Apr 2024
Platform updates
API support for TCP Port Scan, API scans & more updates
Author(s)
Ioana Rijnetu
Published at
15 Feb 2020
Updated at
29 Apr 2024
Platform updates
New tool for detecting the critical Citrix RCE vulnerability (CVE-2019-19781)
Author(s)
Ioana Rijnetu
Published at
14 Jan 2020
Updated at
12 Aug 2025
Security research
How to detect the SACK Panic vulnerability with Wireshark
Author(s)
Stefan Bratescu
Published at
09 Jan 2020
Updated at
22 Jun 2023
Milestones
Black Hat Europe 2019 Highlights
Author(s)
Ioana Rijnetu
Published at
11 Dec 2019
Updated at
18 Jul 2023
Platform updates
Schedule multiple scans, advanced search filters & more updates
Author(s)
Ioana Rijnetu
Published at
11 Nov 2019
Updated at
29 Apr 2024
Security research
Capital One, CafePress, Suprema data breaches and their root causes
Author(s)
Ioana Rijnetu
Published at
15 Oct 2019
Updated at
17 Jul 2023
Security research
Analysis of recent Exim mail server vulnerabilities
Author(s)
Ioana Rijnetu
Published at
10 Oct 2019
Updated at
12 Aug 2025
Hacking tutorials
How to Perform Internal Network Scanning with Pentest-Tools.com
Author(s)
Cosmin Tudor
Published at
28 Sep 2019
Updated at
10 Jun 2024
Platform updates
Announcing our new subscription-based pricing options
Author(s)
Ioana Rijnetu
Published at
25 Sep 2019
Updated at
29 Apr 2024
Platform updates
[New feature] Internal network scanning with Pentest-Tools.com
Author(s)
Ioana Rijnetu
Published at
24 Sep 2019
Updated at
07 Jul 2022
Security research
How to exploit the BlueKeep vulnerability with Metasploit
Author(s)
Razvan Ionescu,
Stefan Bratescu,
Cristin Sirbu
Published at
10 Sep 2019
Updated at
01 Apr 2024
Milestones
Pentest-Tools.com to participate at Black Hat Europe 2019
Author(s)
Ioana Rijnetu
Published at
28 Aug 2019
Updated at
05 Jul 2022
Platform updates
Customized white label, website scanner improvements & other platform updates
Author(s)
Ioana Rijnetu
Published at
20 Aug 2019
Updated at
29 Apr 2024
Platform updates
Delete scans through the API, edit scheduled scans, and more improvements
Author(s)
Ioana Rijnetu
Published at
30 Jul 2019
Updated at
15 Oct 2024
Platform updates
[New scanners] Find Associated Domains, Password Auditor, and 2 more new tools
Author(s)
Ioana Rijnetu
Published at
25 Jul 2019
Updated at
29 Apr 2024
Security research
BlueKeep, the Microsoft RDP vulnerability - What we know so far
Author(s)
Ioana Rijnetu
Published at
23 Jul 2019
Updated at
14 Oct 2024
Security research
Exploiting SQL Injection in Magento Using Sqlmap
Author(s)
Alexandru Postolache
Published at
14 Jun 2019
Updated at
29 Apr 2024
Hacking tutorials
How to do a Basic Website Vulnerability Assessment with Pentest-Tools.com
Author(s)
Adrian Furtuna
Published at
24 May 2019
Updated at
04 Jun 2024
Platform updates
Announcing our managed pentesting services for web applications
Author(s)
Ioana Rijnetu
Published at
23 May 2019
Updated at
04 Jun 2024
Security research
Analysis of a WordPress Remote Code Execution attack
Author(s)
Razvan Ionescu
Published at
21 May 2019
Updated at
30 Apr 2024
Platform updates
A faster, enhanced version of the advanced pentest reporting feature
Author(s)
Ioana Rijnetu
Published at
15 Mar 2019
Updated at
15 Oct 2024
Security research
Exploiting OGNL Injection in Apache Struts
Author(s)
Ionuț Popescu
Published at
14 Mar 2019
Updated at
29 Apr 2024
Platform updates
An enhanced version of our Website Vulnerability Scanner
Author(s)
Ioana Rijnetu
Published at
13 Feb 2019
Updated at
15 Oct 2024
Security research
Inside Nmap, the world’s most famous port scanner
Author(s)
Satyam Singh
Published at
08 Jan 2019
Updated at
17 Jul 2023
Milestones
Pentest report writing in 5 minutes (Defcamp 2018 talk)
Author(s)
Adrian Furtuna
Published at
12 Nov 2018
Updated at
10 Jul 2022
Security research
Essential HTTP Headers for securing your web server
Author(s)
Satyam Singh
Published at
22 Oct 2018
Updated at
29 Apr 2024

Discover our ethical hacking toolkit and all the free tools you can use!

Create free account

Target illustration