Resources
Tag: Pentesting
Explore resources tagged with "Tag: Pentesting".
Resources
Explore resources tagged with "Tag: Pentesting".
Bypass WAFs with gigaproxy: an HTTP proxy that rotates IPs using mitmproxy, AWS API Gateway, and Lambda. Read the blog to learn more.
Read morePreparing for a penetration test? This checklist will inform you on what to expect and what steps you should take to get the most out of your organization’s upcoming pentest. read more →
A vulnerability was recently disclosed for the Java logging library, Log4j. The vulnerability is wide-reaching and affects both open-source projects and enterprise software. VMWare announced shortly after the release of… read more →
By now, you’re probably well aware of a recently disclosed vulnerability for the Java logging library, Log4j. The vulnerability is wide-reaching and affects Ubiquiti's Unifi Network Application. In this article, we’re… read more →
A vulnerability was recently disclosed for the Java logging library, Log4j. The vulnerability is wide-reaching and affects both open source projects and enterprise software, meaning we need to understand how to ID and… read more →
Protecting your infrastructure from prying eyes is an important part of landing a phish and maintaining access to a client’s network. The process of setting up redirectors and reverse proxies has traditionally been… read more →
PetitPotam and ADCS exploitation are nothing short of amazing. Exploitation is a breeze and results in full domain admin access. With these two TTPs, an attacker can hop on a network, exploit the vulnerability, do some… read more →
Hey, you love printers right? They’re that reliable, steadfast piece of technology that always seems to work and never gives you any headaches ... right? Well, buckle up. Microsoft is releasing emergency security… read more →
I’m going to quickly go through the process of setting up GoPhish and show you how we evade defenders to increase the success rate of our phishing campaigns. read more →
Trying to wrap your head around what separates Continuous Penetration Testing from other forms of network security testing? Well, we get it. That’s why we’ve put together this handy little video. Sit back, have a… read more →
If you’re not in the cybersecurity trenches daily, it can be tough to get a clear understanding of many popular terms used by the professionals testing your organization’s network. read more →
Automated Vulnerability Scanners, on the surface, have a lot of appeal to IT directors. They run in the background and are “always on”. They alert you when you have an issue. But the harsh reality is they provide a… read more →
Continuous Human & Automated Security
Continuously monitor your attack surface with advanced change detection. Upon change, testers and systems perform security testing. You are alerted and assisted in remediation efforts all contained in a single security application, the Sprocket Platform.