Your pentest scope might be missing the biggest risk in your environment: your vendors. See the data and what to do about it.
Resources
Blog
External Testing
Keep up to date with the latest offensive security news, knowledge, and resources.
Sometimes when conducting a Penetration Testing exercise or Red Team engagement, you might be interested in extracting password hashes or credentials of your target Windows user, without the use of Mimikatz to avoid detection. This is where you would resort to using an NTLM downgrade attack. In this article we shall discuss how you can be able to perform this...
External penetration testing simulates cyber-attacks from outside an organization's network perimeter.
You need more value out of your pentests. The traditional point-in-time testing isn't cutting it. Continuous penetration testing brings an innovative methodology that better protects you and your business. This post covers the key benefits that continuous testing provides...
External attack surface management (EASM) focuses on managing and securing an organization's digital assets exposed to external threats.
Get ready to learn the importance of LLM (Large Language Model) security testing, a vital process for identifying vulnerabilities in AI models, especially those integrated into web applications. The need for early detection of potential risks like unauthorized data access, prompt injection attacks, and remote code execution is more crucial than ever.
