Security News

Secator: Open-source pentesting Swiss army knife
2024-07-03 04:00

Please turn on your JavaScript for this page to function normally. Secator is an open-source task and workflow runner tailored for security assessments.

Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM
2024-04-29 10:54

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more...

How Pentesting-as-a-Service can Reduce Overall Security Costs
2024-03-28 14:01

Gain a deeper understanding of the difference between classing pen testing and PTaaS, explore the true costs of legacy pen testing, and gain insights into the many benefits of adopting PTaaS. How do classic penetration tests work? A hybrid alternative to traditional pen testing, PTaaS is a cloud-native, semi-automated service that delivers on-demand pen testing.

Faction: Open-source pentesting report generation and collaboration framework
2024-01-30 05:30

Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs.

Reimagining Network Pentesting With Automation
2023-12-14 11:17

Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process,...

Reimagining Network Pentesting With Automation
2023-12-14 11:17

Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process,...

5 open-source tools for pentesting Kubernetes you should check out
2023-12-06 05:00

Kubernetes has become a critical part of the infrastructure for many organizations. With its widespread adoption, Kubernetes environments have also become a target for cyber threats.

SessionProbe: Open-source multi-threaded pentesting tool
2023-12-05 06:00

SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications. It takes a user's session token and checks for a list of URLs if access is possible, highlighting potential authorization issues.

Kali Linux: What’s next for the popular pentesting distro?
2023-01-03 05:30

The answer the second question - How to make Kali the best possible platform for training? - we work very closely with the OffSec content development team to find out what tools they are using for training, what sort of default environment works best for learners, and what we can do in Kali to support general education efforts. Surprisingly, even though Kali is built for advanced information security work, it is often the first Linux many users ever use.

Tips for Choosing a Pentesting Company
2022-10-31 13:50

In today's world of automated hacking systems, frequent data breaches and consumer protection regulations such as GDPR and PCI DSS, penetration testing is now an essential security requirement for organisations of all sizes. Asking a 'CREST member company' to carry out a pen-test does not guarantee that the consultant performing your test is certified themselves - merely that the company is morally obliged to provide you with a suitable tester.