Ethical hacking & pentesting blog
Come for the PoCs and security research focused on new CVEs and stay for the ethical exploitation guides and how-tos our offensive security specialists create.
How to do a full website vulnerability assessment with Pentest-Tools.com
As a pentester, I have a good day when my workflow is smooth and uninterrupted. Pushing routine tasks to the background (sweet automation!) helps me stay focused. It frees up my mind to work on interesting findings and attack sequences that not everyone can see. Plus, it feels good to be productive and get stuff done!
Run laser-focused scans with these 5 platform updates
This month we roll out 5 fresh updates worth trying. Why?
Pentest Robots - rocket fuel for pentesters, not their replacement
Let me say this from the start: full automation is the wrong approach for scaling penetration testing. The whole “machines will replace humans” view doesn’t sit well with us. It’s too simplistic and it fails to capture the complexity and depth involved in security testing and the larger information security ecosystem. So how come we launched pentest robots - an automation feature - at Black Hat Europe 2020?
Work like a pro: 4 automation updates to save time and simplify your workflow
We worked hard this month to roll out new updates and we’re excited to share them with you! These 4 platform features are all about making your workflow smoother, so you can focus on the essential tasks:
Discover how dangerous a ‘Bad Neighbor’ can be - TCP/IP Vulnerability (CVE-2020-16898)
Patching is never easy, but doing it imperfectly can come back to bite you. That’s why today we’re unpacking a vulnerability that can resurface when improperly mitigated.
Why Zerologon is the silent threat in your network
No red flags. No alerts. Full-on compromise. The way cybercriminals are putting together various vulnerabilities within the Microsoft infrastructure, including Zerologon vulnerability (CVE-2020-1472), is more than a trending topic in the infosec community. It’s a massive threat for organizations small and large.
Why we continue to support young people find their way in infosec
Lifelong learning, constant practice, and the need to share knowledge and ideas with others are the reasons that got us in the infosec community. Because we all try to do our best in the work we do and have a positive impact on our field. And for that, we need to remind ourselves to stay engaged and always practice what we preach.