penetration testing
Tactical exploitation with Warberry Pi
WarBerry Pi was built for red team engagements where it’s essential to obtain as much information as possible in a short period of time, while going undetected. All you need …
Developing Hashcat, a tool for advanced password recovery
As general-purpose computing on graphics processing units (GPGPU) became more viable around 2009, professional software developer Jens “atom” Steube wanted to …
Do you have what it takes to be an independent security consultant?
It doesn’t matter if you’re part of a big enterprise or a small company, you’ve probably wondered at least once what it would be like to work for yourself. Dreams …
Attackers use open source security tools for targeted cyberespionage
Kaspersky Lab researchers have uncovered a new trend among cyberespionage threat actors: instead of developing customized hacking tools or buying them from third-party …
How to automate a custom password dictionary for your pen test
When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. …
The things you discover when you test RF networks
In my work as a penetration tester for SureCloud, I’m often asked to look at unusual, out-of-the-ordinary vulnerabilities. This was the case when a major UK financial …
MobSF: Security analysis of Android and iOS apps
The Mobile Security Framework (MobSF) is an open source framework capable of performing end to end security testing of mobile applications. MobSF can be used for security …
Web application scanning with Htcap
Htcap is a free web application scanner that can crawl single page applications in a recursive manner by intercepting Ajax calls and DOM changes. The app is focused mainly on …
Smart buildings security: Who’s in charge?
As the Internet of Things became an accepted reality, and the security community realized that they have to get involved in securing it, days without news about the insecurity …
Review: Google Hacking for Penetration Testers, Third Edition
Authors: Johnny Long, Bill Gardner, Justin Brown. Pages: 234 Publisher: Syngress ISBN: 0128029641 Introduction The Internet can be a great source of information, and Google …
Inside the largely unexplored world of mainframe security
The security of mainframe computers – the so-called “big iron”, which is mainly used by large organizations for critical applications, bulk data and …
Open source KeeFarce tool loots encrypted passwords stored in KeePass
Denis Andzakovic, a hacker and researcher with New Zealand-based security consultancy Security-Assessment.com, has released the source code for KeeFarce, a tool that can …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments