penetration testing

Kali Linux 2025.4: New tools and “quality-of-life” improvements

Kali Linux 2025.4: New tools and “quality-of-life” improvements 2025-12-15 at 13:48 By Zeljka Zorz OffSec has released Kali Linux 2025.4, a new version of its widely used penetration testing and digital forensics platform. Most of the changes are related to appearance and usability: Kali’s GNOME desktop environment now organizes Kali tools into folders via the […]

Kali Linux 2025.4: New tools and “quality-of-life” improvements Read More »

Equixly Raises $11 Million for AI-Powered API Penetration Testing

Equixly Raises $11 Million for AI-Powered API Penetration Testing 2025-12-09 at 13:21 By Ionut Arghire The Italian startup will use the investment to build proprietary AI models, accelerate global expansion, and hire new talent. The post Equixly Raises $11 Million for AI-Powered API Penetration Testing appeared first on SecurityWeek. This article is an excerpt from

Equixly Raises $11 Million for AI-Powered API Penetration Testing Read More »

AI-driven threats are heading straight for the factory floor

AI-driven threats are heading straight for the factory floor 2025-12-09 at 09:07 By Mirko Zorz In this Help Net Security interview, Natalia Oropeza, Chief Cybersecurity Officer at Siemens, discusses how industrial organizations are adapting to a shift in cyber risk driven by AI. She notes that in-house capability, especially for OT response and recovery, is

AI-driven threats are heading straight for the factory floor Read More »

From Compliance to Covert Ops: Demystifying the Offensive Security Landscape

From Compliance to Covert Ops: Demystifying the Offensive Security Landscape 2025-11-26 at 16:31 By Sandun Bambarandage The merits of deploying offensive testing to strengthen an organization’s security posture are well-understood by today’s security leadership. Much to the relief of defenders, obtaining approval for an offensive security exercise has never been easier. This article is an

From Compliance to Covert Ops: Demystifying the Offensive Security Landscape Read More »

Crowdsourced Penetration Testing: Understanding the Risks for Better Decision-Making

Crowdsourced Penetration Testing: Understanding the Risks for Better Decision-Making 2025-11-18 at 16:36 By Jason Shepherd CPT vs. Bounties: CPT is a time-boxed, structured test for compliance reports with a fixed cost. Bug Bounty is ongoing, open-ended discovery paid per valid vulnerability found. Mitigate Key Risks: Watch for poor researcher vetting, potential data exposure/exfiltration by bad

Crowdsourced Penetration Testing: Understanding the Risks for Better Decision-Making Read More »

Strix: Open-source AI agents for penetration testing

Strix: Open-source AI agents for penetration testing 2025-11-17 at 16:32 By Sinisa Markovic Security teams know that application flaws tend to show up at the worst time. Strix presents itself as an open source way to catch them earlier by using autonomous agents that behave like human attackers. These agents run code, explore an application,

Strix: Open-source AI agents for penetration testing Read More »

sqlmap: Open-source SQL injection and database takeover tool

sqlmap: Open-source SQL injection and database takeover tool 2025-11-10 at 11:28 By Sinisa Markovic Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an open-source penetration testing tool that automates the detection and exploitation of SQL injection flaws and

sqlmap: Open-source SQL injection and database takeover tool Read More »

Proximity: Open-source MCP security scanner

Proximity: Open-source MCP security scanner 2025-10-29 at 08:29 By Mirko Zorz Proximity is a new open-source tool that scans Model Context Protocol (MCP) servers. It identifies the prompts, tools, and resources that a server makes available, and it can evaluate how those elements might introduce security risks. The tool also work with NOVA, a rule

Proximity: Open-source MCP security scanner Read More »

Wireshark 4.6.0 brings major updates for packet analysis and decryption

Wireshark 4.6.0 brings major updates for packet analysis and decryption 2025-10-23 at 17:10 By Anamarija Pogorelec If you’ve ever used Wireshark to dig into network traffic you know how vital even small upgrades can be. With version 4.6.0 the team behind the open-source network protocol analyzer has added a number of features that could change

Wireshark 4.6.0 brings major updates for packet analysis and decryption Read More »

Two Tools, One Strategy: Pairing Vulnerability Scanning and Pen Testing for Maximum Protection

Two Tools, One Strategy: Pairing Vulnerability Scanning and Pen Testing for Maximum Protection 2025-10-20 at 16:08 By Mary Eduel Neyra Penetration Testing and Managed Vulnerability Scanning (MVS): Understand the essential differences between these two critical cybersecurity practices. What is Managed Vulnerability Scanning? Learn how MVS provides continuous, automated visibility into your network’s assets and known vulnerabilities.

Two Tools, One Strategy: Pairing Vulnerability Scanning and Pen Testing for Maximum Protection Read More »

Nodepass: Open-source TCP/UDP tunneling solution

Nodepass: Open-source TCP/UDP tunneling solution 2025-10-20 at 13:18 By Sinisa Markovic When you think of network tunneling, “lightweight” and “enterprise-grade” rarely appear in the same sentence. NodePass, an open-source project, wants to change that. It’s a compact but powerful TCP/UDP tunneling solution built for DevOps teams and system administrators who need to manage complex network

Nodepass: Open-source TCP/UDP tunneling solution Read More »

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools 2025-09-24 at 12:19 By Zeljka Zorz OffSec has released Kali Linux 2025.3, the most up-to-date version of its popular penetration testing and digital forensics platform. What’s new in Kali Linux 2025.3 Better virtual machine tooling The way Kali builds and ships its VM images

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools Read More »

Terra Security Raises $30 Million for AI Penetration Testing Platform

Terra Security Raises $30 Million for AI Penetration Testing Platform 2025-09-15 at 16:47 By Ionut Arghire The Israeli cybersecurity startup plans to expand its offensive security offering to cover more enterprise attack surface. The post Terra Security Raises $30 Million for AI Penetration Testing Platform appeared first on SecurityWeek. This article is an excerpt from

Terra Security Raises $30 Million for AI Penetration Testing Platform Read More »

Automated network pentesting uncovers what traditional tests missed

Automated network pentesting uncovers what traditional tests missed 2025-09-10 at 11:45 By Zeljka Zorz Most organizations run an annual network penetration test, remediate the issues it uncovers, and move on. But attackers are probing networks every day, using publicly available tools to exploit common misconfigurations and overlooked vulnerabilities. A new report, based on over 50,000

Automated network pentesting uncovers what traditional tests missed Read More »

FireCompass Raises $20 Million for Offensive Security Platform

FireCompass Raises $20 Million for Offensive Security Platform 2025-09-05 at 15:31 By Ionut Arghire The AI-powered automated penetration testing firm will invest the new funds in R&D, team expansion, and global scale. The post FireCompass Raises $20 Million for Offensive Security Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

FireCompass Raises $20 Million for Offensive Security Platform Read More »

What happens when penetration testing goes virtual and gets an AI coach

What happens when penetration testing goes virtual and gets an AI coach 2025-08-19 at 09:32 By Mirko Zorz Cybersecurity training often struggles to match the complexity of threats. A new approach combining digital twins and LLMs aims to close that gap. Researchers from the University of Bari Aldo Moro propose using Cyber Digital Twins (CDTs)

What happens when penetration testing goes virtual and gets an AI coach Read More »

Pentesting is now central to CISO strategy

Pentesting is now central to CISO strategy 2025-08-11 at 07:36 By Anamarija Pogorelec Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems. A recent survey of 225 security leaders conducted by Emerald Research found that 68% are concerned about the risks posed by

Pentesting is now central to CISO strategy Read More »

Open-source password recovery utility Hashcat 7.0.0 released

Open-source password recovery utility Hashcat 7.0.0 released 2025-08-04 at 08:10 By Anamarija Pogorelec Hashcat is an open-source password recovery tool that supports five attack modes and more than 300 highly optimized hashing algorithms. It runs on CPUs, GPUs, and other hardware accelerators across Linux, Windows, and macOS, and includes features for distributed password cracking at

Open-source password recovery utility Hashcat 7.0.0 released Read More »

Scroll to Top