Authors
Andra Zaharia
Pentest-Tools.com, Head of Content & Community
Cyber-realist crushing infosec clichés through clarity, focus, and a solid moral code. Promoting cybersecurity literacy so we can all make smart decisions about how we allow our information society to evolve.
Posts by this author Page 3 out of 3
Platform updatesDetect ProxyShell (pre-auth Microsoft Exchange RCE) with Pentest-Tools.com
On-prem Microsoft Exchange servers have created a lot of work for IT and security specialists in the past months. In March, ProxyLogon left servers vulnerable to Server-Side Request Forgery through CVE-2021-26855, so we launched a dedicated scanner for it. In May, #proxynotfound popped up, so we integrated detection for it into our Network Vulnerability Scanner to make detection and reporting faster.
- Author(s)
- Published at
- Updated at
Platform updatesDetect Microsoft Exchange RCE #proxynotfound with our Network Vulnerability Scanner
Running on-prem Microsoft Exchange servers? If you didn’t catch the NSA boilerplate announcement, there’s another batch of vulnerabilities to scan for – and we built what you need.
- Author(s)
- Published at
- Updated at
MilestonesWhy Pentest Robots are rocket fuel for pentesters, not their replacement
Let me say this from the start: full automation is the wrong approach for scaling penetration testing. The whole “machines will replace humans” view doesn’t sit well with us. It’s too simplistic and it fails to capture the complexity and depth involved in security testing and the larger information security ecosystem. So how come we launched pentest robots - an automation feature - at Black Hat Europe 2020?
- Author(s)
- Published at
- Updated at
