penetration testing

Autorize: Burp Suite extension for automatic authorization enforcement detection

Don't miss, GitHub, News, open source, penetration testing, software /

Autorize: Burp Suite extension for automatic authorization enforcement detection 2025-05-07 at 08:02 By Help Net Security Autorize is an open-source Burp Suite extension that checks if users can access things they shouldn’t. It runs automatic tests to help security testers find authorization problems. Autorize installation To use Autorize, you’ll need Burp Suite and Jython. Here’s […]

React to this headline:

Loading spinner

Autorize: Burp Suite extension for automatic authorization enforcement detection Read More »

GoSearch: Open-source OSINT tool for uncovering digital footprints

digital forensics, Don't miss, GitHub, Hudson Rock, News, OSINT, penetration testing, software /

GoSearch: Open-source OSINT tool for uncovering digital footprints 2025-04-28 at 08:01 By Help Net Security GoSearch is an open-source OSINT tool built to uncover digital footprints linked to specific usernames. Designed for speed and accuracy, it lets users quickly track someone’s online presence across multiple platforms. GoSearch incorporates data from Hudson Rock’s Cybercrime Database, offering

React to this headline:

Loading spinner

GoSearch: Open-source OSINT tool for uncovering digital footprints Read More »

Terra Security Raises $8M for Agentic AI Penetration Testing Platform

Cybersecurity Funding, funding, penetration testing, seed funding, Terra Security /

Terra Security Raises $8M for Agentic AI Penetration Testing Platform 2025-04-23 at 11:57 By Ionut Arghire Cybersecurity startup Terra Security has raised $8 million in seed funding from SYN Ventures, FXP Ventures, and Underscore VC. The post Terra Security Raises $8M for Agentic AI Penetration Testing Platform appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Terra Security Raises $8M for Agentic AI Penetration Testing Platform Read More »

Review: The Ultimate Kali Linux Book, Third Edition

books, Don't miss, Kali Linux, Linux, News, penetration testing, Review, Reviews, skill development /

Review: The Ultimate Kali Linux Book, Third Edition 2025-04-10 at 07:31 By Mirko Zorz Packed with real-world scenarios, hands-on techniques, and insights into widely used tools, the third edition of the bestselling Ultimate Kali Linux Book offers a practical path to learning penetration testing with Kali Linux. About the author Glen D. Singh, a seasoned

React to this headline:

Loading spinner

Review: The Ultimate Kali Linux Book, Third Edition Read More »

APTRS: Open-source automated penetration testing reporting system

Don't miss, GitHub, News, open source, penetration testing, software /

APTRS: Open-source automated penetration testing reporting system 2025-04-09 at 07:46 By Mirko Zorz APTRS is an open-source reporting tool built with Python and Django. It’s made for penetration testers and security teams who want to save time on reports. Instead of writing reports by hand, users can create PDF and Excel files directly in the

React to this headline:

Loading spinner

APTRS: Open-source automated penetration testing reporting system Read More »

Exegol: Open-source hacking environment

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Exegol: Open-source hacking environment 2025-03-31 at 08:02 By Mirko Zorz Exegol is a community-driven hacking environment, which helps users deploy hacking setups quickly and securely. It’s made for penetration testers, CTF players, bug bounty hunters, researchers, defenders, and both new and experienced users. Exegol offers clean, secure environments. Each project can have its own Docker

React to this headline:

Loading spinner

Exegol: Open-source hacking environment Read More »

The Crucial Role Trustwave Red Team Exercises Play in Enhancing Cybersecurity

Database Protection, penetration testing, Reports, Threat Intelligence, Vulnerabilities /

The Crucial Role Trustwave Red Team Exercises Play in Enhancing Cybersecurity 2025-03-28 at 15:09 By Uncover Critical Cybersecurity Gaps: Learn how Trustwave SpiderLabs’ Red Team identified vulnerabilities in a US-based healthcare system. Real-World Red Team Insights: Explore key findings from simulated attacks that reveal how adversaries could compromise sensitive data. Healthcare Cybersecurity Trends: Access exclusive

React to this headline:

Loading spinner

The Crucial Role Trustwave Red Team Exercises Play in Enhancing Cybersecurity Read More »

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates

Don't miss, Kali Linux, News, OffSec, open source, penetration testing, software /

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates 2025-03-20 at 09:32 By Help Net Security Kali Linux 2025.1a is now available. This release enhances existing features with improvements designed to streamline your experience. 2025 theme refresh Kali Linux 2025.1a introduces an annual theme refresh, maintaining a modern interface. This year’s update debuts a

React to this headline:

Loading spinner

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates Read More »

Hetty: Open-source HTTP toolkit for security research

Don't miss, GitHub, News, open source, penetration testing, software /

Hetty: Open-source HTTP toolkit for security research 2025-03-10 at 08:17 By Help Net Security Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration testers, security professionals, and bug bounty hunters in mind, Hetty provides a set of

React to this headline:

Loading spinner

Hetty: Open-source HTTP toolkit for security research Read More »

Dalfox: Open-source XSS scanner

Don't miss, GitHub, News, open source, penetration testing, scanning, software, XSS /

Dalfox: Open-source XSS scanner 2025-02-26 at 08:20 By Mirko Zorz DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its speed and ability to easily

React to this headline:

Loading spinner

Dalfox: Open-source XSS scanner Read More »

Orbit: Open-source Nuclei security scanning and automation platform

Don't miss, GitHub, News, open source, penetration testing, scanning, software, Terraform /

Orbit: Open-source Nuclei security scanning and automation platform 2025-02-17 at 07:50 By Mirko Zorz Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a SvelteKit-based web frontend and a Go-powered backend, with Terraform and Ansible handling infrastructure and automation. “I built

React to this headline:

Loading spinner

Orbit: Open-source Nuclei security scanning and automation platform Read More »

SysReptor: Open-source penetration testing reporting platform

Don't miss, GitHub, News, penetration testing, software /

SysReptor: Open-source penetration testing reporting platform 2025-02-12 at 07:05 By Mirko Zorz SysReptor is a customizable open-source penetration testing reporting platform built for pentesters, red teamers, and cybersecurity professionals. You can optimize your workflow by simplifying, automating, and personalizing your reports. “SysReptor is an easy-to-use tool for pentesters and simplifies pentest reporting. Reports are designed

React to this headline:

Loading spinner

SysReptor: Open-source penetration testing reporting platform Read More »

Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity

penetration testing, Vulnerabilities /

Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity 2025-02-05 at 23:06 By While Chief Information Security Officers (CISOs) know how crucial a consistent enterprise penetration testing program is to their cybersecurity program, convincing their fellow leaders and board members to invest in pen testing amid other budget demands can be challenging. This

React to this headline:

Loading spinner

Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity Read More »

BadDNS: Open-source tool checks for subdomain takeovers

Don't miss, GitHub, News, open source, penetration testing, scanning, software /

BadDNS: Open-source tool checks for subdomain takeovers 2025-02-03 at 07:03 By Mirko Zorz BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules cname – Check for dangling CNAME records and interrogate them for subdomain takeover opportunities ns – Check for dangling NS records and

React to this headline:

Loading spinner

BadDNS: Open-source tool checks for subdomain takeovers Read More »

Stratoshark: Wireshark for the cloud – now available!

Cloud, Don't miss, News, open source, penetration testing, software, Sysdig, wireless, Wireshark /

Stratoshark: Wireshark for the cloud – now available! 2025-01-22 at 20:33 By Help Net Security Stratoshark is an innovative open-source tool that brings Wireshark’s detailed network visibility to the cloud, providing users with a standardized approach to cloud observability. Stratoshark incorporates much of Wireshark’s codebase, including its user interface elements. The interface and workflows will

React to this headline:

Loading spinner

Stratoshark: Wireshark for the cloud – now available! Read More »

MSSqlPwner: Open-source tool for pentesting MSSQL servers

database security, Don't miss, GitHub, News, open source, penetration testing, software /

MSSqlPwner: Open-source tool for pentesting MSSQL servers 2025-01-17 at 07:48 By Help Net Security MSSqlPwner is an open-source pentesting tool tailored to interact with and exploit MSSQL servers. Built on Impacket, it enables users to authenticate with databases using various credentials, including clear-text passwords, NTLM hashes, and Kerberos tickets. The tool offers multiple methods for

React to this headline:

Loading spinner

MSSqlPwner: Open-source tool for pentesting MSSQL servers Read More »

Why Vulnerability Scanning Alone Isn’t Enough: The Case for Penetration Testing

penetration testing, Tips & Tricks, Vulnerabilities /

Why Vulnerability Scanning Alone Isn’t Enough: The Case for Penetration Testing 2025-01-10 at 16:11 By Grayson Lenik Organizations today face a rapidly evolving threat landscape, and as they plan their cybersecurity strategy and budgets, many may struggle with a key question: If I’m conducting regular vulnerability scans, and patching the vulnerabilities I identify, do I

React to this headline:

Loading spinner

Why Vulnerability Scanning Alone Isn’t Enough: The Case for Penetration Testing Read More »

Scaling penetration testing through smart automation

Artificial Intelligence, automation, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, penetration testing, Plainsea /

Scaling penetration testing through smart automation 2025-01-08 at 07:06 By Mirko Zorz In this Help Net Security interview, Marko Simeonov, CEO of Plainsea, discusses how organizations can move beyond compliance-driven penetration testing toward a more strategic, risk-based approach. He explains how automation, human expertise, and continuous monitoring can transform penetration testing into a dynamic, business-critical

React to this headline:

Loading spinner

Scaling penetration testing through smart automation Read More »

Why Companies Need to Extend Penetration Testing to OT Environments

penetration testing, Vulnerabilities /

Why Companies Need to Extend Penetration Testing to OT Environments 2025-01-02 at 20:08 By Allen Numerick As companies continue to integrate their operational technology (OT) and IT environments, they’re coming to grips with the fact that this move opens them up to new avenues for cyber threats. This article is an excerpt from Trustwave Blog

React to this headline:

Loading spinner

Why Companies Need to Extend Penetration Testing to OT Environments Read More »

Evilginx: Open-source man-in-the-middle attack framework

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Evilginx: Open-source man-in-the-middle attack framework 2024-12-23 at 07:37 By Mirko Zorz Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was experimenting with extracting cookies from one browser and importing them into another. I realized this technique could effectively

React to this headline:

Loading spinner

Evilginx: Open-source man-in-the-middle attack framework Read More »

Scroll to Top