Security News

Please turn on your JavaScript for this page to function normally. Secator is an open-source task and workflow runner tailored for security assessments.

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more...

Gain a deeper understanding of the difference between classing pen testing and PTaaS, explore the true costs of legacy pen testing, and gain insights into the many benefits of adopting PTaaS. How do classic penetration tests work? A hybrid alternative to traditional pen testing, PTaaS is a cloud-native, semi-automated service that delivers on-demand pen testing.

Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs.

Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process,...

Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process,...

Kubernetes has become a critical part of the infrastructure for many organizations. With its widespread adoption, Kubernetes environments have also become a target for cyber threats.

SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications. It takes a user's session token and checks for a list of URLs if access is possible, highlighting potential authorization issues.

The answer the second question - How to make Kali the best possible platform for training? - we work very closely with the OffSec content development team to find out what tools they are using for training, what sort of default environment works best for learners, and what we can do in Kali to support general education efforts. Surprisingly, even though Kali is built for advanced information security work, it is often the first Linux many users ever use.

In today's world of automated hacking systems, frequent data breaches and consumer protection regulations such as GDPR and PCI DSS, penetration testing is now an essential security requirement for organisations of all sizes. Asking a 'CREST member company' to carry out a pen-test does not guarantee that the consultant performing your test is certified themselves - merely that the company is morally obliged to provide you with a suitable tester.