penetration testing
Nessus 5.0 vulnerability scanner released
Tenable Network Security announced Nessus 5.0, a vulnerability and configuration assessment solution for enterprises and security professionals. Nessus 5.0 delivers introduces …
Cloud-based fuzzing for zero-day vulnerability discovery
Codenomicon released the Fuzz-o-Matic cloud-based software security Testing-as-a-Service (TaaS) platform for enterprise software and applications running on Windows, Linux, …
Arachni: Web application security scanner framework
Arachni is an open source Web application security scanner framework, a modular framework that allows fast, accurate and flexible vulnerability assessment. In order to …
Is your online bank vulnerable to currency rounding attacks?
In the 12+ years of doing penetration tests against various critical environments, we’ve seen numerous online banking servers and found all sorts of vulnerabilities in …
BackTrack 5 Wireless Penetration Testing
If you're considering a career in penetration testing, you probably already know that BackTrack is the Linux distribution favored by most pentesters due to it being preloaded …
A Bug Hunter’s Diary
For individuals who make a living developing and maintaining software systems, finding bugs in their own code is almost a daily ritual. Working on software developing projects …
Free tool exploits SQL injection vulnerabilities
NT OBJECTives announced NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection …
NetWars to test the skills of infosec professionals
At SANS London 2011, Europe’s largest IT security training event, NetWars will be launched for the first time in the UK. NetWars participants compete in a mock …
The Basics of Hacking and Penetration Testing
Have you always wondered about how penetration testing is performed, but never had the opportunity to ask a professional about it or to witness him (or her) at work? If that's …
New fuzzing platform from Codenomicon
Codenomicon released Defensics X, the latest version of their security and robustness testing software. The update introduces better coverage through infinite test case …
Free Metasploit Community Edition released
Rapid7 launched Metasploit Community Edition: a new free addition to the Metasploit family of software solutions, which help security and IT professionals identify and …
MagicTree: Data management for penetration testers
Have you ever spent ages trying to find the results of a particular portscan you were sure you did? Or grepping through a bunch of files looking for data for a particular host …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments