penetration testing
SAMRi10: Windows 10 hardening tool for thwarting network recon
Microsoft researchers Itai Grady and Tal Be’ery have released another tool to help admins harden their environment against reconnaissance attacks: SAMRi10 (pronounced …
Hackers changing tactics, techniques and procedures
Organizations need to conduct better penetration testing to combat continual changes in hackers’ tactics, techniques and procedures (TTPs), according to NTT Security. “Our Q3 …
Net Cease: Microsoft researchers unveil anti-reconnaissance tool
Microsoft researchers Itai Grady and Tal Be’ery have released Net Cease, a PowerShell script that prevents attackers who have already compromised an endpoint from …
Components of an effective vulnerability management process
Vulnerabilities continue to grab headlines. Whether it is a zero-day that affects “tens of millions” servers around the globe or an old unpatched flaw that leads to a data …
Nmap 7.30: New NSE scripts, Npcap, fingerprints
Nmap 7.30 is the first stable release since 7.12 back in March. Apart from bug fixes, it comes with new features, including more NSE scripts, an improved version of Npcap …
Hack a Nexus from afar, get $200,000
Google has issued a challenge to bug hunters around the world: find a vulnerability or bug chain that achieves remote code execution on multiple Android devices knowing only …
It pays to be a penetration tester, the market is booming!
The penetration testing market is estimated to grow from $594.7 million in 2016 to $1,724.3 million by 2021, at a Compound Annual Growth Rate (CAGR) of 23.7%, according to …
Sn1per: Automated pentest recon scanner
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. “I originally created Sn1per because I didn’t want …
Dagah: Penetration testing for enterprise mobility programs
Shevirah Inc. will unveil at Black Hat USA 2016 the free version of dagah – a product that empowers security test teams to assess the security posture of their mobility …
Photo gallery: Black Hat USA 2016 Arsenal
Black Hat USA 2016 is underway at Las Vegas, and here are a few photos from the Arsenal, where the open source community demonstrates tools they develop and use in their daily …
Security awareness training or no, users will keep clicking on dodgy links
There is no way to make humans never click on potentially dangerous links they receive, as the right combination of curiosity, context, and emotions will always beat security …
Nishang: Using PowerShell for penetration testing
Nishang is a framework, and a collection of scripts and payloads which enables PowerShell usage for offensive security, penetration testing and red teaming. The tool is the …
Featured news
Resources
Don't miss
- Ransomware attackers are “vishing” organizations via Microsoft Teams
- Scam Yourself attacks: How social engineering is evolving
- Addressing the intersection of cyber and physical security threats
- Fleet: Open-source platform for IT and security teams
- CERT-UA warns against “security audit” requests via AnyDesk