Ethical hacking & pentesting blog

Come for the PoCs and security research focused on new CVEs and stay for the ethical exploitation guides and how-tos our offensive security specialists create.

Read the article titled detect-cve-2021-21972.webp

Security Research

How to detect VMware vCenter RCE with Pentest-Tools.com (CVE-2021-21972)

The current, multi-layer setup big organizations run on is a challenge to manage and we both know that (it’s an understatement). And when a vulnerability like CVE-2021-21972 pops up, it reveals how messy the process of patching and mitigation can be.

Daniel Bechenea

Published at: 19 Apr 2021

7 min read

Read the article titled sensitive-data-exposure-vuln.webp

Platform Tutorials

How to detect Sensitive Data Exposure with Pentest-Tools.com

The best security specialists have a very strong grasp of fundamental vulnerabilities, the kind that pops up in every engagement.

Cristian Cornea

Published at: 14 Apr 2021

7 min read

Read the article titled detect-broken-authentication-with-pentest-tools.com_-1.webp

Platform Tutorials

How to detect broken authentication with Pentest-Tools.com

OWASP Top 10 is an industry staple for a reason: because it’s incredibly well documented and provides a reliable framework for security specialists striving to prioritize vulns.

Cristian Cornea

Published at: 07 Apr 2021

9 min read

Read the article titled website-vulnerability-assessment.webp

Platform Tutorials

How to do a full website vulnerability assessment with Pentest-Tools.com

As a pentester, I have a good day when my workflow is smooth and uninterrupted. Pushing routine tasks to the background (sweet automation!) helps me stay focused. It frees up my mind to work on interesting findings and attack sequences that not everyone can see. Plus, it feels good to be productive and get stuff done!

Daniel Bechenea

Published at: 31 Mar 2021

12 min read

Platform Updates

Run laser-focused scans with these 5 platform updates

This month we roll out 5 fresh updates worth trying. Why?

Ioana Rijnetu

Published at: 22 Mar 2021

3 min read

Read the article titled detect-injection-flaws-with-pentest-tools.com_.webp

Platform Tutorials

How to detect injection flaws with Pentest-Tools.com

Whether you’re a penetration tester, bug bounty hunter, or security pro, you’re probably familiar with all the OWASP Top 10 vulnerabilities affecting web applications.

Cristian Cornea

Published at: 19 Mar 2021

11 min read

Read the article titled 4-platform-improvements-added-pentest-tools.com_.webp

Platform Updates

4 platform updates you need to know about

It’s been an intense start to the New Year and we’re excited to share what we worked on! These 4 platform improvements are all about streamlining your workflow, so you can focus on the important tasks.

Ioana Rijnetu

Published at: 21 Feb 2021

2 min read

Read the article titled pentest-robots-feature-launch-at-black-hat-europe-.webp

Events

Pentest Robots - rocket fuel for pentesters, not their replacement

Let me say this from the start: full automation is the wrong approach for scaling penetration testing. The whole “machines will replace humans” view doesn’t sit well with us. It’s too simplistic and it fails to capture the complexity and depth involved in security testing and the larger information security ecosystem. So how come we launched pentest robots - an automation feature - at Black Hat Europe 2020?

Andra Zaharia

Published at: 10 Dec 2020

12 min read

Read the article titled pentest-tools.com-november-product-updates.webp

Platform Updates

Work like a pro: 4 automation updates to save time and simplify your workflow

We worked hard this month to roll out new updates and we’re excited to share them with you! These 4 platform features are all about making your workflow smoother, so you can focus on the essential tasks:

Ioana Rijnetu

Published at: 17 Nov 2020

3 min read

Read the article titled scan-web-applications-that-require-authentication-pentest-tools.com_.webp

Platform Tutorials

How to perform authenticated website scans with Pentest-Tools.com

This article shows how to scan a web application that requires authentication using the Website Vulnerability Scanner tool.

Cristin Sirbu

Published at: 04 Nov 2020

7 min read

Read the article titled microsoft-rce-vulnerability-bad-neighbor-2.webp

Security Research

Discover how dangerous a ‘Bad Neighbor’ can be - TCP/IP Vulnerability (CVE-2020-16898)

Patching is never easy, but doing it imperfectly can come back to bite you. That’s why today we’re unpacking a vulnerability that can resurface when improperly mitigated.

Cristian Cornea

Published at: 03 Nov 2020

8 min read

Platform Updates

Work smarter, not harder: 5 updates to enhance automation

It’s been an intense month and we’re excited to share the news! These 5 platform improvements are all about saving you time and energy, so you can focus on your most important tasks.

Ioana Rijnetu

Published at: 26 Oct 2020

3 min read