Penetration testing

The Sophos XG Firewall recently had a publicly-reported zero-day vulnerability. The vulnerability in question was an SQL injection vulnerability that, if exploited,...

Pentesters are apparently huge fans of colors. Different roles within pentesting assignments are designated as Red Team, Blue Team, Purple Team and others....

When you create a software product or build a service or create a platform, it’s a good idea to make sure it is secure. The data we generate is feeding the...

There is an old saying that goes “a picture is worth a thousand words.” In many ways, this saying is true: you can learn a great deal about a person or...

The Red Team assessment is an increasingly popular method for an organization to get a realistic feel for their overall security. Organizations’ attack surfaces...

The Red Team’s final report is the most valuable part of the entire exercise for the client. In many cases, a Red Team is secretly hired by an organization’s...

In recent years, the number of standards and regulations that organizations have to demonstrate compliance with has exploded. Previously, organizations have...

The first stage in building a Red Team report is knowing what to put in the report. Three of the most important things to discuss in the report are identified...

At the end of the Red Team assessment, there are usually two main deliverables. The Red Team report provides a report providing a comprehensive description...

A variety of different free tools exist for Red Team operations, and, in many cases, a Red Team can get by just fine taking advantage of these free or open-source...