Search • Page 5/10

Search the Pentest-Tools.com Blog

Detect critical CVEs, scan stats + more updates

If you’ve had an intense summer, that makes two of us. We worked hard to roll out new and helpful updates, so let’s break them down:

Author(s)

Ioana Rijnetu

Published at: 14 Sep 2021

Read the article titled Behind the Tools: Răzvan Ionescu on the growth mindset, insatiable curiosity, and being comfortable with change in ethical hacking

Behind the Tools: Răzvan Ionescu on the growth mindset, insatiable curiosity, and being comfortable with change in ethical hacking

At Pentest-Tools.com, we use our managed pentesting services to learn from our customers and listen to them. Every one of us works hard to understand what users need and why, feeding that knowledge into the platform while we continue to learn and grow as individuals and as a team. That’s why we eat our own dog food and we always practice what we preach.

Author(s)

Ioana Rijnetu

Published at: 03 Sep 2021

Detect ProxyShell (pre-auth Microsoft Exchange RCE) with Pentest-Tools.com

On-prem Microsoft Exchange servers have created a lot of work for IT and security specialists in the past months. In March, ProxyLogon left servers vulnerable to Server-Side Request Forgery through CVE-2021-26855, so we launched a dedicated scanner for it. In May, #proxynotfound popped up, so we integrated detection for it into our Network Vulnerability Scanner to make detection and reporting faster.

Author(s)

Andra Zaharia

Published at: 11 Aug 2021

6 techniques for account enumeration in a penetration test [demo included]

Enumeration is one of the essential tactics that help you gain a foothold in your target’s ecosystem. As a penetration tester, you can gain a lot of speed and prep your exploitation phase more thoroughly if you get enumeration right.

Author(s)

Cristian Cornea

Published at: 20 Jul 2021

OWASP & CWE vuln classifcation added, wordlist limit increased, and more updates

This month we rolled out 5 platform improvements that streamline your pentests so you can do more of the work you most enjoy:

Author(s)

Ioana Rijnetu

Published at: 11 Jun 2021

Detect Microsoft Exchange RCE #proxynotfound with our Network Vulnerability Scanner

Running on-prem Microsoft Exchange servers? If you didn’t catch the NSA boilerplate announcement, there’s another batch of vulnerabilities to scan for – and we built what you need.

Author(s)

Andra Zaharia

Published at: 13 May 2021

New modules, methods & payload - April updates

It’s been a busy month for us and we’re excited to share what we worked on!

Author(s)

Ioana Rijnetu

Published at: 23 Apr 2021

How to detect VMware vCenter RCE with Pentest-Tools.com (CVE-2021-21972)

The current, multi-layer setup big organizations run on is a challenge to manage and we both know that (it’s an understatement). And when a vulnerability like CVE-2021-21972 pops up, it reveals how messy the process of patching and mitigation can be.

Author(s)

Daniel Bechenea

Published at: 19 Apr 2021

How to detect Sensitive Data Exposure with Pentest-Tools.com

The best security specialists have a very strong grasp of fundamental vulnerabilities, the kind that pops up in every engagement.

Author(s)

Cristian Cornea

Published at: 14 Apr 2021

How to detect broken authentication with Pentest-Tools.com

OWASP Top 10 is an industry staple for a reason: because it’s incredibly well documented and provides a reliable framework for security specialists striving to prioritize vulns.

Author(s)

Cristian Cornea

Published at: 07 Apr 2021

How to do a full website vulnerability assessment with Pentest-Tools.com

As a pentester, I have a good day when my workflow is smooth and uninterrupted. Pushing routine tasks to the background (sweet automation!) helps me stay focused. It frees up my mind to work on interesting findings and attack sequences that not everyone can see. Plus, it feels good to be productive and get stuff done!

Author(s)

Daniel Bechenea

Published at: 31 Mar 2021

Run laser-focused scans with these 5 platform updates

This month we roll out 5 fresh updates worth trying. Why?

Author(s)

Ioana Rijnetu

Published at: 22 Mar 2021