Search • Page 3/13

Search the Pentest-Tools.com Blog

Mastering the essentials of API security with examples for OWASP Top 10 for APIs

When you hear about API (Application Programming Interface), do you get anxious because you don’t understand it very well? Do you feel like you can’t keep up with new technology? If you do, you’re not alone! Take a deep breath. Take another. Excellent! I’ll help you overcome your API security FOMO. In this guide, you’ll learn: how APIs work how to exploit the most common API vulnerabilities real-life examples of data breaches caused by API security issues API security best practices, and much more!

Author(s)

Kelyan Yesil

Published at: 09 Feb 2024

We think we know podcast

We think we know what it feels like when we do a good job

To deliver meaningful results as a pentester you have to be both patient and persistent. You have to love the process and strive for results for your clients. You also have to go in-depth and cultivate a broader understanding of all the pieces of the puzzle. Today’s guest, Willa Riggins, talks about how “every small piece contributes to the larger picture” in pentesting and explains why “it's about understanding the intricacies and appreciating the craftsmanship."

Author(s)

Published at: 30 Jan 2024

How ChatGPT impacts offensive security pros work

Community wisdom

Offensive security pros share how ChatGPT impacts their work

Could 2024 be a pivotal moment for AI in offensive security? We know it challenges us to explore new ways to simplify our work, but how will penetration testers use ChatGPT as a tool for meaningful change? And, most importantly, which new advancements in this space are worth keeping an eye on?

Author(s)

Kelyan Yesil

Published at: 17 Jan 2024

We think we know podcast

We think we know how to build differentiating skills in offsec

There’s a constant loop of learning, doing, and improving in offensive security. And one way to develop the “muscle” to tackle complex security challenges is through hands-on training. That’s what IppSec, our guest, does with kindness, passion, and in the community’s best interest.

Author(s)

Published at: 16 Jan 2024

We think we know podcast

We think we know the value of first principles in offensive security

Ready to excel in offensive security this year? Delve into the mind of Vivek Ramachandran, a cybersecurity virtuoso who’s seen (and learned) a lot in this field.

Author(s)

Published at: 02 Jan 2024

Security research

Securing your Laravel application: A comprehensive guide

As someone who has worked with the Laravel framework for years, I've seen firsthand the importance of taking security seriously. I've seen how simple mistakes lead to disastrous consequences, and I've also seen the benefits of a secure and well-maintained Laravel application.

Author(s)

Published at: 28 Dec 2023

Milestones

Year in review: 2023 on Pentest-Tools.com

What you're about to see is a blend of worn-out keyboards, stubborn research, gallons of coffee, and a dash of frustration, all catalyzed by listening closely to what you, our customers, really want. Mix all of these and you get more than a product, more than a team that’s growing a company on its own terms.

Author(s)

Andra Zaharia

Published at: 22 Dec 2023

Security research

Roundcube: exfiltrating emails with CVE-2021-44026

Have you ever asked yourself: what is the half-life of a disclosed vulnerability? When should we stop worrying about it?

Author(s)

Published at: 22 Dec 2023

Security research

The Pentest-Tools.com vulnerability research manifesto

We work everyday to develop the tools, detections, and exploits that help ethical hackers fight to improve organizations’ defenses. As you know, the fight is unfair - and rigged: penetration testers and other offensive security practitioners are bound by the terms of engagement, while attackers are free to do anything - and everything.

Author(s)

Andra Zaharia

Published at: 21 Dec 2023

We think we know podcast

We think we know hacking is a tool for deeper change

If you have questions that boggle your mind about penetration testing, Jayson is the person to learn from. In the fourth episode of our We think we know podcast, we delve into the world of ethical hacking with the legendary Jayson E. Street.

Author(s)

Published at: 19 Dec 2023

We think we know podcast

We think we know offensive security is an infinite game (and why)

There is no end goal in this industry. You're always going to keep moving forward. This quote from our guest does a great job at capturing the conversation we explore in this podcast: the love for the process, the hunger for knowledge, how to add value for clients, and become a better penetration tester. For the third episode of We think we know, we welcome Tim Connell, an enthusiastic penetration tester and the Director of Cybersecurity Services at Pulsar Security, to explore the most common security testing myths and misconceptions.

Author(s)

Published at: 05 Dec 2023

We think we know podcast

We think we know how to give pentest clients what they really need

It’s not just penetration testing, just like today’s guest is not just an offensive security pro. If you’re the ambitious type who’s always up for new challenges, then you’re most likely going to resonate with today’s guest and his approach. Experienced penetration tester and Volkis co-founder, Alexei Doudkine joins us in the second episode of We think we know to debunk pentesting misconceptions.

Author(s)

Published at: 21 Nov 2023

Discover our ethical hacking toolkit and all the free tools you can use!

Create free account