Search • Page 8/13
![Read the article titled 6 techniques for account enumeration in a penetration test [demo included]](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2Faccount-enumeration-techniques-pentesting%2Faccount-enumeration-tactics.webp&w=1536&q=100)
Enumeration is one of the essential tactics that help you gain a foothold in your target’s ecosystem. As a penetration tester, you can gain a lot of speed and prep your exploitation phase more thoroughly if you get enumeration right.
Running on-prem Microsoft Exchange servers? If you didn’t catch the NSA boilerplate announcement, there’s another batch of vulnerabilities to scan for – and we built what you need.
The current, multi-layer setup big organizations run on is a challenge to manage and we both know that (it’s an understatement). And when a vulnerability like CVE-2021-21972 pops up, it reveals how messy the process of patching and mitigation can be.
As a pentester, I have a good day when my workflow is smooth and uninterrupted. Pushing routine tasks to the background (sweet automation!) helps me stay focused. It frees up my mind to work on interesting findings and attack sequences that not everyone can see. Plus, it feels good to be productive and get stuff done!
Let me say this from the start: full automation is the wrong approach for scaling penetration testing. The whole “machines will replace humans” view doesn’t sit well with us. It’s too simplistic and it fails to capture the complexity and depth involved in security testing and the larger information security ecosystem. So how come we launched pentest robots - an automation feature - at Black Hat Europe 2020?
