Review: Learning Kali Linux, 2nd Edition 2025-06-16 at 07:32 By Mirko Zorz Kali Linux has long been the go-to operating system for penetration testers and security professionals, and Learning Kali Linux, 2nd Edition by Ric Messier aims to guide readers through its core tools and use cases. This updated edition introduces new material on digital […]
React to this headline:
Review: Learning Kali Linux, 2nd Edition Read More »
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools 2025-06-14 at 12:17 By Zeljka Zorz OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 (Source: OffSec) New in Kali Linux 2025.2 As per usual, the newest
React to this headline:
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools Read More »
Researchers warn of ongoing Entra ID account takeover campaign 2025-06-12 at 19:50 By Zeljka Zorz Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have discovered. “Proofpoint’s research indicates that while simulated intrusions using TeamFiltration date back nearly to the tool’s initial release
React to this headline:
Researchers warn of ongoing Entra ID account takeover campaign Read More »
Build a mobile hacking rig with a Pixel and Kali NetHunter 2025-06-12 at 08:32 By Mirko Zorz A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter C-deck, and it packs serious functionality into a small, 3D-printed shell. NetHunter C-deck
React to this headline:
Build a mobile hacking rig with a Pixel and Kali NetHunter Read More »
Red Teaming Around the World (UK and Europe vs. US) 2025-06-02 at 20:36 By Philip Pieterse Regional Nuances: Explore the key differences in Red Teaming approaches across the UK, Europe, and the US, including regulatory frameworks and threat modeling. Red Team vs. Penetration Testing: Understand the distinct objectives, scopes, and durations of Red Team engagements compared to pen
React to this headline:
Red Teaming Around the World (UK and Europe vs. US) Read More »
Product showcase: Smarter pentest reporting and exposure management with PlexTrac 2025-06-02 at 09:03 By Help Net Security The threat landscape is evolving faster than ever. Staying ahead means going beyond automated scans and check-the-box assessments. It demands continuous, hands-on testing through a security approach that proactively identifies, prioritizes, and mitigates threats in real time. To
React to this headline:
Product showcase: Smarter pentest reporting and exposure management with PlexTrac Read More »
From Simulation to Strategy: Evolving Your Red and Purple Teaming Approach 2025-05-13 at 16:01 By Red and Purple Teaming: Strategic Evolution – Discover how modern security assurance programs are shifting from one-off simulations to strategic, continuous improvement. Real-World Insights from Security Leaders – Learn from Trustwave experts on leveraging red and purple team testing to uncover security
React to this headline:
From Simulation to Strategy: Evolving Your Red and Purple Teaming Approach Read More »
Autorize: Burp Suite extension for automatic authorization enforcement detection 2025-05-07 at 08:02 By Help Net Security Autorize is an open-source Burp Suite extension that checks if users can access things they shouldn’t. It runs automatic tests to help security testers find authorization problems. Autorize installation To use Autorize, you’ll need Burp Suite and Jython. Here’s
React to this headline:
Autorize: Burp Suite extension for automatic authorization enforcement detection Read More »
GoSearch: Open-source OSINT tool for uncovering digital footprints 2025-04-28 at 08:01 By Help Net Security GoSearch is an open-source OSINT tool built to uncover digital footprints linked to specific usernames. Designed for speed and accuracy, it lets users quickly track someone’s online presence across multiple platforms. GoSearch incorporates data from Hudson Rock’s Cybercrime Database, offering
React to this headline:
GoSearch: Open-source OSINT tool for uncovering digital footprints Read More »
Terra Security Raises $8M for Agentic AI Penetration Testing Platform 2025-04-23 at 11:57 By Ionut Arghire Cybersecurity startup Terra Security has raised $8 million in seed funding from SYN Ventures, FXP Ventures, and Underscore VC. The post Terra Security Raises $8M for Agentic AI Penetration Testing Platform appeared first on SecurityWeek. This article is an
React to this headline:
Terra Security Raises $8M for Agentic AI Penetration Testing Platform Read More »
Review: The Ultimate Kali Linux Book, Third Edition 2025-04-10 at 07:31 By Mirko Zorz Packed with real-world scenarios, hands-on techniques, and insights into widely used tools, the third edition of the bestselling Ultimate Kali Linux Book offers a practical path to learning penetration testing with Kali Linux. About the author Glen D. Singh, a seasoned
React to this headline:
Review: The Ultimate Kali Linux Book, Third Edition Read More »
APTRS: Open-source automated penetration testing reporting system 2025-04-09 at 07:46 By Mirko Zorz APTRS is an open-source reporting tool built with Python and Django. It’s made for penetration testers and security teams who want to save time on reports. Instead of writing reports by hand, users can create PDF and Excel files directly in the
React to this headline:
APTRS: Open-source automated penetration testing reporting system Read More »
Exegol: Open-source hacking environment 2025-03-31 at 08:02 By Mirko Zorz Exegol is a community-driven hacking environment, which helps users deploy hacking setups quickly and securely. It’s made for penetration testers, CTF players, bug bounty hunters, researchers, defenders, and both new and experienced users. Exegol offers clean, secure environments. Each project can have its own Docker
React to this headline:
Exegol: Open-source hacking environment Read More »
The Crucial Role Trustwave Red Team Exercises Play in Enhancing Cybersecurity 2025-03-28 at 15:09 By Uncover Critical Cybersecurity Gaps: Learn how Trustwave SpiderLabs’ Red Team identified vulnerabilities in a US-based healthcare system. Real-World Red Team Insights: Explore key findings from simulated attacks that reveal how adversaries could compromise sensitive data. Healthcare Cybersecurity Trends: Access exclusive
React to this headline:
The Crucial Role Trustwave Red Team Exercises Play in Enhancing Cybersecurity Read More »
Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates 2025-03-20 at 09:32 By Help Net Security Kali Linux 2025.1a is now available. This release enhances existing features with improvements designed to streamline your experience. 2025 theme refresh Kali Linux 2025.1a introduces an annual theme refresh, maintaining a modern interface. This year’s update debuts a
React to this headline:
Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates Read More »
Hetty: Open-source HTTP toolkit for security research 2025-03-10 at 08:17 By Help Net Security Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration testers, security professionals, and bug bounty hunters in mind, Hetty provides a set of
React to this headline:
Hetty: Open-source HTTP toolkit for security research Read More »
Dalfox: Open-source XSS scanner 2025-02-26 at 08:20 By Mirko Zorz DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its speed and ability to easily
React to this headline:
Dalfox: Open-source XSS scanner Read More »
Orbit: Open-source Nuclei security scanning and automation platform 2025-02-17 at 07:50 By Mirko Zorz Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a SvelteKit-based web frontend and a Go-powered backend, with Terraform and Ansible handling infrastructure and automation. “I built
React to this headline:
Orbit: Open-source Nuclei security scanning and automation platform Read More »
SysReptor: Open-source penetration testing reporting platform 2025-02-12 at 07:05 By Mirko Zorz SysReptor is a customizable open-source penetration testing reporting platform built for pentesters, red teamers, and cybersecurity professionals. You can optimize your workflow by simplifying, automating, and personalizing your reports. “SysReptor is an easy-to-use tool for pentesters and simplifies pentest reporting. Reports are designed
React to this headline:
SysReptor: Open-source penetration testing reporting platform Read More »
Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity 2025-02-05 at 23:06 By While Chief Information Security Officers (CISOs) know how crucial a consistent enterprise penetration testing program is to their cybersecurity program, convincing their fellow leaders and board members to invest in pen testing amid other budget demands can be challenging. This
React to this headline:
Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity Read More »