penetration testing

Product showcase: ImmuniWeb AI Platform

Artificial Intelligence, cybersecurity, ImmuniWeb, News, penetration testing, Product showcase, software /

Product showcase: ImmuniWeb AI Platform 20/12/2023 at 08:31 By Help Net Security ImmuniWeb is a global application security company that currently serves over 1,000 customers from more than 50 countries. ImmuniWeb AI Platform has received numerous prestigious awards and industry recognitions for intelligent automation and acceleration of application security testing, which delivers better quality of […]

React to this headline:

Loading spinner

Product showcase: ImmuniWeb AI Platform Read More »

EMBA: Open-source security analyzer for embedded devices

cybersecurity, Don't miss, embedded systems, GitHub, News, open source, penetration testing, software /

EMBA: Open-source security analyzer for embedded devices 19/12/2023 at 08:02 By Mirko Zorz The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic analysis through emulation, and creating a web-based report. EMBA

React to this headline:

Loading spinner

EMBA: Open-source security analyzer for embedded devices Read More »

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance

CISA, healthcare, Network Security, penetration testing, Vulnerabilities /

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance 18/12/2023 at 18:16 By Ionut Arghire The US cybersecurity agency CISA issues cybersecurity recommendations for the healthcare and public health sector. The post CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance Read More »

5 open-source tools for pentesting Kubernetes you should check out

Don't miss, GitHub, Hot stuff, Kubernetes, News, open source, penetration testing, software /

5 open-source tools for pentesting Kubernetes you should check out 06/12/2023 at 08:02 By Help Net Security Kubernetes, often called K8s, is an open-source platform designed to automate the deployment, scaling, and operations of containerized applications. Kubernetes has become a critical part of the infrastructure for many organizations. However, with its widespread adoption, Kubernetes environments

React to this headline:

Loading spinner

5 open-source tools for pentesting Kubernetes you should check out Read More »

Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more!

Don't miss, Hot stuff, Kali Linux, Linux, News, OffSec, open source, penetration testing /

Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more! 05/12/2023 at 21:31 By Zeljka Zorz OffSec (previously Offensive Security) has released Kali Linux 2023.4, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.4 The list of tools freshly added to Kali Linux includes:

React to this headline:

Loading spinner

Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more! Read More »

SessionProbe: Open-source multi-threaded pentesting tool

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

SessionProbe: Open-source multi-threaded pentesting tool 05/12/2023 at 09:03 By Mirko Zorz SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications. It takes a user’s session token and checks for a list of URLs if access is possible, highlighting potential authorization issues. It deduplicates URL lists and provides real-time logging and

React to this headline:

Loading spinner

SessionProbe: Open-source multi-threaded pentesting tool Read More »

Organizations’ serious commitment to software risk management pays off

Application Security, cybercrime, cybersecurity, News, open source, penetration testing, report, software, survey, Synopsys, Vulnerabilities /

Organizations’ serious commitment to software risk management pays off 21/11/2023 at 07:32 By Industry News There has been a significant decrease in vulnerabilities found in target applications – from 97% in 2020 to 83% in 2022 – an encouraging sign that code reviews, automated testing and continuous integration are helping to reduce common programming errors,

React to this headline:

Loading spinner

Organizations’ serious commitment to software risk management pays off Read More »

GOAD: Vulnerable Active Directory environment for practicing attack techniques

Active Directory, cybersecurity, GitHub, Hot stuff, News, open source, penetration testing /

GOAD: Vulnerable Active Directory environment for practicing attack techniques 26/10/2023 at 07:01 By Mirko Zorz Game of Active Directory (GOAD) is a free pentesting lab. It provides a vulnerable Active Directory environment for pen testers to practice common attack methods. GOAD-Light: 3 vms, 1 forest, 2 domains “When the Zerologon vulnerability surfaced, it highlighted our

React to this headline:

Loading spinner

GOAD: Vulnerable Active Directory environment for practicing attack techniques Read More »

Unmasking the limitations of yearly penetration tests

Ambionics, communication, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, PCI DSS, penetration testing, risk assessment, shadow IT, Threat Intelligence, threats, vulnerability, web application /

Unmasking the limitations of yearly penetration tests 12/10/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Charles d’Hondt, Head of Operations, Ambionics Security, talks about the necessity of implementing continuous penetration testing because yearly ones are not enough. They leave blind spots and cannot match the security needs of regular releases and

React to this headline:

Loading spinner

Unmasking the limitations of yearly penetration tests Read More »

11 search engines for cybersecurity research you can use right now

cybersecurity, dark web, Don't miss, FullHunt, GreyNoise, Hot stuff, Intelligence X, Netlas, News, OffSec, ONYPHE, penetration testing, Shodan /

11 search engines for cybersecurity research you can use right now 29/08/2023 at 06:32 By Help Net Security Staying ahead in cybersecurity requires constant learning and adaptation. If you’re interested in cybersecurity research, explore the resources outlined below. DNSdumpster DNSdumpster is a free domain research tool that can discover hosts related to a domain. Finding

React to this headline:

Loading spinner

11 search engines for cybersecurity research you can use right now Read More »

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more!

Don't miss, Hot stuff, Kali Linux, Linux, News, OffSec, open source, penetration testing /

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! 24/08/2023 at 09:32 By Help Net Security Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.3 Besides updates to current tools, new versions of Kali typically introduce

React to this headline:

Loading spinner

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! Read More »

8 open-source OSINT tools you should try

Don't miss, Features, GitHub, Hot stuff, News, open source, OSINT, OWASP, penetration testing, reconnaissance, Shodan, software /

8 open-source OSINT tools you should try 22/08/2023 at 06:01 By Help Net Security Open-Source Intelligence (OSINT) refers to gathering, assessing, and interpreting public information to address specific intelligence queries. All the tools listed here are available for free. Amass The OWASP Amass project performs network mapping of attack surfaces and external asset discovery using

React to this headline:

Loading spinner

8 open-source OSINT tools you should try Read More »

Balancing telecom security, law enforcement, and customer trust

5G, Artificial Intelligence, awareness, BlackDice Cyber, cybersecurity, Don't miss, Features, Hot stuff, IoT, law enforcement, machine learning, mobile devices, News, opinion, penetration testing, Privacy Policy, remote working, surveillance, telecommunications, zero trust /

Balancing telecom security, law enforcement, and customer trust 15/08/2023 at 07:48 By Mirko Zorz In this Help Net Security interview, Mark O’Neill, CTO at BlackDice Cyber, talks about collaboration, transparent policies, and a security-first mindset. As 5G and IoT emerge, robust measures and AI will navigate challenges and shape the telecom industry’s future. Considering the

React to this headline:

Loading spinner

Balancing telecom security, law enforcement, and customer trust Read More »

Assess multi-cloud security with the open-source CNAPPgoat project

AWS, Ermetic, GitHub, Microsoft Azure, Microsoft Entra ID, News, open source, penetration testing, software /

Assess multi-cloud security with the open-source CNAPPgoat project 03/08/2023 at 07:31 By Help Net Security Ermetic released CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, tools, and posture in interactive sandbox environments that are easy to deploy and destroy. It is available on GitHub. CNAPPgoat supports AWS, Azure (Microsoft

React to this headline:

Loading spinner

Assess multi-cloud security with the open-source CNAPPgoat project Read More »

Open-source penetration testing tool BloodHound CE released

Active Directory, Azure, cybersecurity, Don't miss, GitHub, Microsoft Azure, Microsoft Entra ID, News, open source, penetration testing, software, SpecterOps /

Open-source penetration testing tool BloodHound CE released 02/08/2023 at 06:32 By Mirko Zorz SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing solution that maps attack paths in Microsoft Active Directory (AD) and Azure (including Azure AD/Entra ID) environments. It is available for free on GitHub. Identifying simple Attack

React to this headline:

Loading spinner

Open-source penetration testing tool BloodHound CE released Read More »

12 open-source penetration testing tools you might not know about

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, Red Siege, software /

12 open-source penetration testing tools you might not know about 18/07/2023 at 07:34 By Mirko Zorz Red Siege has developed and made available many open-source tools to help with your penetration testing work. The company plans to continue to support the tools listed below, whether in the form of bug fixes or new features. Give

React to this headline:

Loading spinner

12 open-source penetration testing tools you might not know about Read More »

Attack Surface Management: Identify and protect the unknown

attack, CISO, cybersecurity, Don't miss, Hot stuff, NetSPI, penetration testing, Video /

Attack Surface Management: Identify and protect the unknown 13/07/2023 at 07:33 By Help Net Security In this Help Net Security video, Brianna McGovern, Product Manager, Attack Surface Management, NetSPI, discusses Attack Surface Management (ASM). Attack Surface Management detects known, unknown, and potentially vulnerable public-facing assets and changes to your attack surface that may introduce risk.

React to this headline:

Loading spinner

Attack Surface Management: Identify and protect the unknown Read More »

10 open-source recon tools worth your time

cybersecurity, Don't miss, Hot stuff, News, open source, OWASP, penetration testing, software /

10 open-source recon tools worth your time 20/06/2023 at 07:02 By Help Net Security Recon is the initial stage in the penetration testing process. It’s a vital phase allowing the tester to understand their target and strategize their moves. Here are ten open-source recon tools that deserve to be in your arsenal. Altdns Altdns is

React to this headline:

Loading spinner

10 open-source recon tools worth your time Read More »

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!

Don't miss, Hot stuff, Kali Linux, Linux, News, Offensive Security, open source, penetration testing /

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more! 31/05/2023 at 10:29 By Zeljka Zorz Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform. New tools in Kali Linux 2023.2 Aside from updates for existing tools, a new

React to this headline:

Loading spinner

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more! Read More »

Penetration tester develops AWS-based automated cracking rig

AWS, cybersecurity, Don't miss, Features, Hot stuff, how-to, News, passwords, penetration testing, software, tips /

Penetration tester develops AWS-based automated cracking rig 30/05/2023 at 07:40 By Mirko Zorz Building a custom cracking rig for research can be expensive, so penetration tester Max Ahartz built one on AWS. In this Help Net Security interview, he takes us through the process and unveils the details of his creation. What motivated you to

React to this headline:

Loading spinner

Penetration tester develops AWS-based automated cracking rig Read More »

Scroll to Top