Ethical hacking & pentesting blog
Come for the PoCs and security research focused on new CVEs and stay for the ethical exploitation guides and how-tos our offensive security specialists create.
How to simulate phishing attacks with the HTTP Request Logger
As a penetration tester or a Red Team security consultant, you probably deal with lots of challenges when you want to simulate phishing attacks using social engineering techniques. Because our team’s goal is to make your job easier by providing the right tools, we’ve put together a hands-on guide you can use straight away!
- Published at
- Updated at
API support for TCP Port Scan, API scans & more updates
Through our API integration, you can easily streamline and automate your pentesting tasks for better results. Because we know how important it is for your business, we’ve worked on improving our API system to become a fully programmable penetration testing platform for your specific needs. Here are 3 new API improvements we added in the current update
- Published at
- Updated at
New tool for detecting the critical Citrix RCE vulnerability (CVE-2019-19781)
To help our customers assess the security of their Citrix ADC and Citrix Gateway devices, we have added a new tool on Pentest-Tools.com to detect the recent RCE vulnerability (CVE-2019-19781).
- Published at
- Updated at
How to detect the SACK Panic vulnerability with Wireshark
The security team at Pentest-Tools.com has recently performed an in-depth analysis of the SACK Panic vulnerability (which was first disclosed in June 2019) to find out its exploitability against Linux machines. Throughout this research, we’ve identified a new method to detect vulnerable servers using Wireshark, the popular network traffic analyzer.
- Published at
- Updated at
Black Hat Europe 2019 Highlights
We are extremely grateful and happy to find out how many users already know about our online platform each time we explore a new context. To know people around the world use Pentest-Tools.com on a daily basis to discover vulnerabilities in websites or networks drives us to achieve even more going forward. In this article, we share our recent experience at the Black Hat Europe 2019 conference and what we learned from it.
- Published at
- Updated at
Capital One, CafePress, Suprema data breaches and their root causes
In this article, we discuss some of the most recent data breaches, what are their root causes, and how to better secure your most valuable personal information and other digital assets.
- Published at
- Updated at
Analysis of recent Exim mail server vulnerabilities
For the past months, multiple critical vulnerabilities were found in Exim mail servers that could allow attackers to gain remote access and perform malicious activities: CVE-2019-16928, CVE-2019-15846, and CVE-2019-10149.
- Published at
- Updated at
How to Perform Internal Network Scanning with Pentest-Tools.com
In this article, we show you how to scan hosts from your internal network using our security tools from Pentest-Tools.com. This is a new capability that we have recently added to our platform and it uses VPN tunnels to reach the internal networks.
- Published at
- Updated at
[New feature] Internal network scanning with Pentest-Tools.com
To quickly discover potential vulnerabilities or evaluate your security posture, regular internal network scans are essential. To make this easier for you, we’ve added a new feature on Pentest-Tools.com!
- Published at
- Updated at
