TagsPlatformHow to conduct a full network vulnerability assessmentThe best ethical hackers build and maintain an outstanding workflow and process because it pays off – big time! When you’re always overwhelmed with work, it’s difficult to make time for tweaks and improvements, even if we both know they have compound returns in the long run.Author(s)Daniel BecheneaPublished at24 Aug 2022Updated at18 Aug 2023November updates for powerful workflows, including detection for Log4ShellGiving you the tools you need right now to speed up detection and reporting is always our top priority. Especially when your work is essential to effectively prioritize remediation. So, with every monthly update, we strive to do just that.Author(s)Ioana RijnetuPublished at16 Dec 2021Updated at05 Oct 2022We’re leveling up! Check out the new website and brand update!As an ethical hacker, you know there’s always more to a piece of technology than meets the eye.Author(s)Andra ZahariaPublished at03 Nov 2021Updated at05 Oct 2022Detect & exploit the latest CVEs + more automation updates“Great and getting even better” is what we commit to with each monthly update we roll out on Pentest-Tools.com.Author(s)Ioana RijnetuPublished at05 Oct 2021Updated at11 May 2023How to detect CVE-2021-22986 RCE with Pentest-Tools.comAs a pentester, when you see a major critical vulnerability persist for months in unpatched systems (like Log4Shell), you have a responsibility to help others understand its severity and how they can fix it. This is exactly why this article exists.Author(s)Cristian CorneaPublished at21 Sep 2021Updated at09 Jun 2023Detect critical CVEs, scan stats + more updatesIf you’ve had an intense summer, that makes two of us. We worked hard to roll out new and helpful updates, so let’s break them down:Author(s)Ioana RijnetuPublished at14 Sep 2021Updated at06 Jul 2022Detect ProxyShell (pre-auth Microsoft Exchange RCE) with Pentest-Tools.comOn-prem Microsoft Exchange servers have created a lot of work for IT and security specialists in the past months. In March, ProxyLogon left servers vulnerable to Server-Side Request Forgery through CVE-2021-26855, so we launched a dedicated scanner for it. In May, #proxynotfound popped up, so we integrated detection for it into our Network Vulnerability Scanner to make detection and reporting faster.Author(s)Andra ZahariaPublished at11 Aug 2021Updated at17 Jul 2023OWASP & CWE vuln classifcation added, wordlist limit increased, and more updatesThis month we rolled out 5 platform improvements that streamline your pentests so you can do more of the work you most enjoy:Author(s)Ioana RijnetuPublished at11 Jun 2021Updated at08 Jul 2022Detect Microsoft Exchange RCE #proxynotfound with our Network Vulnerability ScannerRunning on-prem Microsoft Exchange servers? If you didn’t catch the NSA boilerplate announcement, there’s another batch of vulnerabilities to scan for – and we built what you need.Author(s)Andra ZahariaPublished at13 May 2021Updated at18 Jul 2023New modules, methods & payload - April updatesIt’s been a busy month for us and we’re excited to share what we worked on!Author(s)Ioana RijnetuPublished at23 Apr 2021Updated at07 Jul 2022How to detect Sensitive Data Exposure with Pentest-Tools.comThe best security specialists have a very strong grasp of fundamental vulnerabilities, the kind that pops up in every engagement.Author(s)Cristian CorneaPublished at14 Apr 2021Updated at09 Jun 2023How to detect broken authentication with Pentest-Tools.comOWASP Top 10 is an industry staple for a reason: because it’s incredibly well documented and provides a reliable framework for security specialists striving to prioritize vulns.Author(s)Cristian CorneaPublished at07 Apr 2021Updated at18 Jul 2023123
How to conduct a full network vulnerability assessmentThe best ethical hackers build and maintain an outstanding workflow and process because it pays off – big time! When you’re always overwhelmed with work, it’s difficult to make time for tweaks and improvements, even if we both know they have compound returns in the long run.Author(s)Daniel BecheneaPublished at24 Aug 2022Updated at18 Aug 2023
November updates for powerful workflows, including detection for Log4ShellGiving you the tools you need right now to speed up detection and reporting is always our top priority. Especially when your work is essential to effectively prioritize remediation. So, with every monthly update, we strive to do just that.Author(s)Ioana RijnetuPublished at16 Dec 2021Updated at05 Oct 2022
We’re leveling up! Check out the new website and brand update!As an ethical hacker, you know there’s always more to a piece of technology than meets the eye.Author(s)Andra ZahariaPublished at03 Nov 2021Updated at05 Oct 2022
Detect & exploit the latest CVEs + more automation updates“Great and getting even better” is what we commit to with each monthly update we roll out on Pentest-Tools.com.Author(s)Ioana RijnetuPublished at05 Oct 2021Updated at11 May 2023
How to detect CVE-2021-22986 RCE with Pentest-Tools.comAs a pentester, when you see a major critical vulnerability persist for months in unpatched systems (like Log4Shell), you have a responsibility to help others understand its severity and how they can fix it. This is exactly why this article exists.Author(s)Cristian CorneaPublished at21 Sep 2021Updated at09 Jun 2023
Detect critical CVEs, scan stats + more updatesIf you’ve had an intense summer, that makes two of us. We worked hard to roll out new and helpful updates, so let’s break them down:Author(s)Ioana RijnetuPublished at14 Sep 2021Updated at06 Jul 2022
Detect ProxyShell (pre-auth Microsoft Exchange RCE) with Pentest-Tools.comOn-prem Microsoft Exchange servers have created a lot of work for IT and security specialists in the past months. In March, ProxyLogon left servers vulnerable to Server-Side Request Forgery through CVE-2021-26855, so we launched a dedicated scanner for it. In May, #proxynotfound popped up, so we integrated detection for it into our Network Vulnerability Scanner to make detection and reporting faster.Author(s)Andra ZahariaPublished at11 Aug 2021Updated at17 Jul 2023
OWASP & CWE vuln classifcation added, wordlist limit increased, and more updatesThis month we rolled out 5 platform improvements that streamline your pentests so you can do more of the work you most enjoy:Author(s)Ioana RijnetuPublished at11 Jun 2021Updated at08 Jul 2022
Detect Microsoft Exchange RCE #proxynotfound with our Network Vulnerability ScannerRunning on-prem Microsoft Exchange servers? If you didn’t catch the NSA boilerplate announcement, there’s another batch of vulnerabilities to scan for – and we built what you need.Author(s)Andra ZahariaPublished at13 May 2021Updated at18 Jul 2023
New modules, methods & payload - April updatesIt’s been a busy month for us and we’re excited to share what we worked on!Author(s)Ioana RijnetuPublished at23 Apr 2021Updated at07 Jul 2022
How to detect Sensitive Data Exposure with Pentest-Tools.comThe best security specialists have a very strong grasp of fundamental vulnerabilities, the kind that pops up in every engagement.Author(s)Cristian CorneaPublished at14 Apr 2021Updated at09 Jun 2023
How to detect broken authentication with Pentest-Tools.comOWASP Top 10 is an industry staple for a reason: because it’s incredibly well documented and provides a reliable framework for security specialists striving to prioritize vulns.Author(s)Cristian CorneaPublished at07 Apr 2021Updated at18 Jul 2023
