How AI Makes Phishing Easy & What to Watch For
Principal Penetration Tester Andrew Trexler got curious how easy it might be to customize a phish to a specific website using AI. The answer? Very easy.
-
-
Choosing a Penetration Testing Company: Part 1
Cole Stafford starts our three-part “Choosing a Penetration Testing Company” series by looking at what penetration testing is and the types of penetration tests.
-
PSE & Red Team Series: Physical Entry Bypass
Raxis lead penetration tester, Nathan Anderson, continues our PSE & Red Team series with a discussion on the tools and techniques to bypass entry controls.
-
Cool Tools Series: CeWL for Penetration Testing
Lead Penetration Tester Jason Taylor discusses how the CeWL Custom Word List generator can improve hashcat results for penetration testing.
-
AD Series: Using Evil-WinRM to Get NTDS Manually in Penetration Tests
Principal Penetration Tester Andrew Trexler’s Active Directory series is back, showing how to use Evil-WinRM to copy NTDS.dit manually in penetration tests.
-
Understanding PTaaS: Penetration Testing as a Service
What does Penetration Testing as a Service (PTaaS) really mean? In this blog we discuss the details and how do you find the best PTaaS for your organization.
-
Password Series: 8 Practical First Steps to Crack Difficult Passwords in Penetration Tests
From rulesets & hardware to wordlists and mask attacks, Lead Penetration Tester Ryan Chaplin shows how to crack difficult password hashes in penetration tests.
-
PSE & Red Team Series: OSINT & Reconnaissance
Raxis lead penetration tester, Nathan Anderson, begins our PSE & Red Team series discussing the importance of OSINT and reconnaissance to begin the assessment.
-
Tips for Scoping Your Penetration Test
Scoping your penetration test (especially your first one) can be daunting. Our team is always happy to help, and Brad Herring gives you a head start here.
-
Cool Tools Series: How Vim Powers Penetration Testing
Principal Penetration Tester, Andrew Trexler, dives into Vim, a powerful command line tool for text files, and shows useful commands for penetration testing.
-
Cybersecurity: It’s how to say “Yes.”
Contrary to common misconceptions, cybersecurity acts as a powerful enabler in the digital age, fostering innovation, driving business growth, and empowering organizations to harness technology’s full potential. By building trust, accelerating innovation, enabling emerging technologies, enhancing efficiency, ensuring compliance, supporting remote work, and protecting intellectual property, robust cybersecurity measures create a secure foundation for organizations to thrive and innovate in an increasingly interconnected world.
-
Accepting Penetration Test Risks & How Compensating Controls Can Help
Tim Semchenko discusses documenting acceptance of risks and implementing compensating controls as options when pentest findings cannot be fixed immediately.
