Penetration testing, ethical hacking and vulnerability assessments
This security testing and ethical hacking guide explains how to conduct a vulnerability assessment of your network and IT environment using penetration testing and ethical hacking tools and software, and covers ethical hacker training and certifications.
Top Stories
-
Answer
28 Aug 2024
Types of hackers: Black hat, white hat, red hat and more
Black, white and gray hats are familiar to security pros, but as the spectrum evolves to include green, blue, red and purple, things get muddled. Brush up on types of hackers. Continue Reading
By- Sharon Shea, Executive Editor
-
Feature
06 Feb 2024
20 free cybersecurity tools you should know about
Cybersecurity products can get pricy but there are many excellent open source tools to help secure your systems and data. Here's a list of some of the most popular with cyber pros. Continue Reading
-
News
28 Apr 2020
Bugcrowd launches 'classic' penetration testing service
The crowdsourcing security company launched the Bugcrowd Classic Pen Test service to offer enterprises a more cost-effective and efficient way to test their cybersecurity posture. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
07 Apr 2020
AI pen testing promises, delivers both speed and accuracy
AI is making many essential cybersecurity tasks more effective and efficient. AI-enabled penetration testing, or BAS, technologies are a case in point. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
01 Apr 2020
Voatz disputes claims it was 'kicked off' HackerOne
HackerOne has cut ties with Voatz, but the mobile voting vendor disputed reports that it was kicked off the bug bounty platform following controversy with security researchers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
26 Feb 2020
Security testing web applications and systems in the modern enterprise
Security testing web apps with little budget and poor documentation is difficult. Ric Messier discusses building a security testing lab in the DevSecOps, cloud and automation age. Continue Reading
By- Sharon Shea, Executive Editor
-
Feature
26 Feb 2020
Software security testing and software stress testing basics
In this excerpt from Ric Messier's book, learn why software security testing and stress testing are critical components of an enterprise infosec program. Continue Reading
By- Sharon Shea, Executive Editor
- McGraw Hill Education
-
News
20 Feb 2020
Voatz, MIT researchers spar over blockchain e-voting app
MIT researchers contested claims that Voatz's voting app used blockchain technology to provide secure voting. Voatz responded, but questions about the company's technology remain. Continue Reading
By- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
-
News
13 Feb 2020
Voatz mobile voting app deemed insecure by MIT researchers
Security researchers at MIT claim a mobile e-voting app piloted in several state elections is insecure, but the vendor has aggressively pushed back on the findings. Continue Reading
By- Rob Wright, Senior News Director
- Alexander Culafi, Senior News Writer
-
Definition
31 Jan 2020
Pen Testing as a Service (PTaaS)
Pen testing as a service (PTaaS) is a cloud service that provides information technology (IT) professionals with the resources they need to conduct and act upon point-in-time and continuous penetration tests. Continue Reading
-
Tip
22 Jan 2020
How to write a quality penetration testing report
Writing a penetration testing report might not be the most fun part of the job, but it's a critical component. These tips will help you write a good one. Continue Reading
-
News
20 Jan 2020
CyCognito turning tables by using botnets for good
In this Q&A with CyCognito CEO Rob Gurzeev, he discusses what led to his company, how attack simulations work and how he plans to spend the company's recent round of funding. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
16 Jan 2020
Craft an effective application security testing process
For many reasons, only about half of all web apps get proper security evaluation and testing. Here's how to fix that stat and better protect your organization's systems and data. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
News
16 Dec 2019
Siemens ICS flaws could allow remote exploits
Siemens recommends locking down industrial control systems as security researchers disclose 54 bugs, including remote exploit flaws, but only three patches are available. Continue Reading
By- Michael Heller, TechTarget
-
Answer
09 Dec 2019
How can companies identify IT infrastructure vulnerabilities?
New, sophisticated technology is available to help infosec pros find IT infrastructure vulnerabilities. Automated pen testing and outsourcing threat intelligence services can help. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
05 Dec 2019
Session cookie mishap exposed HackerOne private reports
A security researcher used a mishandled session cookie to access private HackerOne bug reports with an account takeover attack and earned a bug bounty for their efforts. Continue Reading
By- Michael Heller, TechTarget
-
News
22 Nov 2019
Android Security Rewards program expands, adds $1.5M bounty
Google expanded its Android bug bounty program to include data exfiltration and lock screen bypass and raised its top prize for a full chain exploit of a Pixel device. Continue Reading
By- Michael Heller, TechTarget
-
Answer
21 Nov 2019
Do you have the right set of penetration tester skills?
Pen testing is more than just the fun of breaking into systems. Learn about the critical penetration tester skills potential candidates must master to become proficient in their career path. Continue Reading
-
News
15 Nov 2019
Check Point: Qualcomm TrustZone flaws could be 'game over'
Researchers discovered vulnerabilities in Qualcomm TrustZone that Check Point says could lead to 'unprecedented access' because of the extremely sensitive data stored in mobile secure elements. Continue Reading
By- Michael Heller, TechTarget
-
News
13 Nov 2019
ZombieLoad v2 disclosed, affects newest Intel chips
Researchers disclosed another variant of the ZombieLoad side-channel attack that affects the newest Intel processors, and also discovered a flaw in the original ZombieLoad patch. Continue Reading
By- Michael Heller, TechTarget
-
Feature
13 Nov 2019
Benefits of using Azure Security Center for security assessments
Author Yuri Diogenes discusses how Azure Security Center helps admins achieve full cloud visibility, conduct security assessments and prevent potential breaches. Continue Reading
By- Sharon Shea, Executive Editor
-
Feature
12 Nov 2019
Use Azure Security Center to conduct a security posture assessment
In this excerpt from Chapter 4 of Microsoft Azure Security Center, the authors outline how to use the software to determine and improve your enterprise's cloud security posture. Continue Reading
By- Sharon Shea, Executive Editor
- Pearson Education
-
Definition
05 Nov 2019
application whitelisting
Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system. Continue Reading
By- Brien Posey
- Peter Loshin, Former Senior Technology Editor
-
Feature
25 Oct 2019
On a penetration tester career path, flexibility and curiosity are key
Becoming a pen tester takes more than passing an exam. Learn the qualities ethical hackers should embrace to achieve success on their penetration tester career path. Continue Reading
By- Sharon Shea, Executive Editor
-
Quiz
24 Oct 2019
CompTIA PenTest+ practice test questions to assess your knowledge
Think you're ready to take the CompTIA PenTest+ certification exam? Test your skill set with some of the sample multiple-choice questions you may be facing. Continue Reading
By- Sharon Shea, Executive Editor
- McGraw Hill Education
-
Tip
15 Oct 2019
Essential instruments for a pen test toolkit
Does your penetration testing toolkit have the proper contents? Learn the must-have tool for any pen tester, as well as specific tools for wireless, network and web app pen testing. Continue Reading
-
Feature
26 Sep 2019
Top tips for using the Kali Linux pen testing distribution
It's the best Linux distro for penetration testers' toolkits, but it's not just any Linux. Get tips on Kali Linux pen testing from project lead Jim O'Gorman. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Answer
26 Sep 2019
Penetration testing vs. red team: What's the difference?
Is penetration testing the same as red team engagement? There are similarities, but they're not the same. Understand the differences to improve your organization's cyberdefenses. Continue Reading
-
Feature
05 Sep 2019
How does AttackSurfaceMapper help with attack surface mapping?
A new open source pen testing tool expedites attack surface mapping -- one of the most important aspects of any penetration testing engagement. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Answer
23 Aug 2019
What's the best way to prevent XSS attacks?
To prevent cross-site scripting attacks, software developers must validate user input and encode output. Review characters to filter out, as well as sources and sinks to avoid. Continue Reading
-
Answer
19 Aug 2019
How to build an enterprise penetration testing plan
Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
13 Aug 2019
Google wants Project Zero to be part of an open alliance
After five years of running Project Zero, Google wants to expand the scope to an open alliance of vulnerability researchers all working toward the same goal to 'make 0day hard.' Continue Reading
By- Michael Heller, TechTarget
-
News
08 Aug 2019
Apple bug bounty expands to MacOS, offers $1 million iOS reward
Apple announced an expansion of its bug bounty program at Black Hat 2019, including rewards for MacOS vulnerabilities and a $1 million reward for a zero-click iOS exploit. Continue Reading
By- Michael Heller, TechTarget
-
News
02 Aug 2019
Cohesity CyberScan scans backup copies for security risks
Cohesity CyberScan uses Tenable.io to find security vulnerabilities in backup copies. Because the app is scanning backups, it doesn't affect performance of production environments. Continue Reading
-
News
25 Jul 2019
Immunity selling new BlueKeep exploit, defends decision
Immunity CEO Dave Aitel defended his company's decision to sell a full RCE BlueKeep exploit as part of a pen testing tool, saying the exploit is necessary to demonstrate risk. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
07 Jun 2019
Tenable CEO Amit Yoran wants to stop 'cyber helplessness'
This week's Risk & Repeat podcast features Tenable CEO Amit Yoran, who discusses what he calls 'cyber helplessness' and how the mentality is infecting enterprises. Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
22 May 2019
Risk & Repeat: Cisco vulnerabilities raise backdoor concerns
This week's Risk & Repeat podcast looks at vulnerabilities in Cisco and Huawei products, which have raised concerns about backdoor access in networking equipment. Continue Reading
By- Rob Wright, Senior News Director
-
Tutorial
01 Mar 2019
Mimikatz tutorial: How it hacks Windows passwords, credentials
In this Mimikatz tutorial, learn about the password and credential dumping program, where you can acquire it and how easy it makes it to compromise system passwords. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
26 Feb 2019
CERT/CC's Art Manion says CVSS scoring needs to be replaced
Security expert Art Manion discusses what he calls major problems within the Common Vulnerability Scoring System and explains why CVSS needs to be replaced. Continue Reading
By- Rob Wright, Senior News Director
-
News
21 Feb 2019
GitHub security bug bounty program stretches to enterprise cloud
GitHub's bug bounty program for 2019 increases the reward money for researchers who find security vulnerabilities in the company's code. Continue Reading
-
Answer
14 Feb 2019
How did the Dirty COW exploit get shipped in software?
Exploit code for Dirty COW was accidentally shipped by Cisco with product software. Learn how this code ended up in a software release and what this vulnerability can do. Continue Reading
-
Tip
11 Feb 2019
5-step checklist for web application security testing
This five-step approach to web application security testing with documented results will help keep your organization's applications free of flaws. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Answer
14 Jan 2019
How can an authentication bypass vulnerability be exploited?
A vulnerability was found in Western Digital's My Cloud NAS device that can be easily exploited by hackers. Discover what this vulnerability is and how users can be protected. Continue Reading
-
Answer
11 Dec 2018
FragmentSmack: How is this denial-of-service exploited?
FragmentSmack, a DDoS vulnerability first discovered in Linux, affects Windows as well as nearly 90 Cisco products. Discover how it can be exploited with Judith Myerson. Continue Reading
-
Answer
10 Dec 2018
L1TF: How do new vulnerabilities affect Intel processors?
New speculative execution vulnerabilities have been found affecting Intel processors. Learn how these flaws can lead to side-channel attacks with Judith Myerson. Continue Reading
-
Answer
20 Nov 2018
Can a D-Link router vulnerability threaten bank customers?
A D-Link router vulnerability was used to send banking users to a fake site in order to steal their information. Learn more about this vulnerability with expert Judith Myerson. Continue Reading
-
News
15 Nov 2018
BT Security CEO: Red teaming is valuable, but challenging
During the Securing the Enterprise conference at MIT's CSAIL, BT Security CEO Mark Hughes discusses the benefits and challenges red teaming has presented to his company. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
12 Nov 2018
Insider threat protection: Strategies for enterprises
Insider threats pose a serious risk to enterprises. Peter Sullivan explains how enterprises can use background checks and risk assessments for insider threat protection. Continue Reading
-
Answer
16 Oct 2018
How does the APT attack Double Kill work in Office documents?
The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how this is possible with Nick Lewis. Continue Reading
-
Opinion
02 Oct 2018
White hat Dave Kennedy on purple teaming, penetration testing
Russia and other nation-states use application control bypass techniques because they don't "trigger any alarms," the chief hacking officer says. Continue Reading
-
News
28 Sep 2018
DEF CON report: Election equipment plagued by 10-year-old flaw
The DEF CON report from the 2018 Voting Village paints a troubling picture for election equipment vendors, including a machine with a flaw known since 2007 left unpatched. Continue Reading
By- Michael Heller, TechTarget
-
Answer
21 Sep 2018
PulseNet: How do improper authentication flaws affect it?
GE reported an improper authentication flaw in its PulseNet network management software for critical infrastructures. Discover how this flaw works with Judith Myerson. Continue Reading
-
Tip
13 Sep 2018
Understanding the risk SQL injection vulnerabilities pose
SQL injection vulnerabilities put a system at risk and are often unknown to users. Discover how this web vulnerability works and how to prevent it with expert Kevin Beaver. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
News
12 Sep 2018
Jake Braun discusses the Voting Village at DEF CON
The Voting Village at DEF CON 26 expanded its scope to test every aspect of election security that it could. Organizer Jake Braun discusses how it went and what's next. Continue Reading
By- Michael Heller, TechTarget
-
Tip
11 Sep 2018
How hardening options help handle unpatchable vulnerabilities
Using multiple hardening options to endure unpatchable vulnerabilities is explored in a recent NIST report. Learn how entropy sources can be an additional option with Judith Myerson. Continue Reading
-
Answer
10 Sep 2018
How does the Android Rowhammer exploit affect users?
Android Rowhammer is a hardware weakness in older devices that puts users at risk of remote exploits. Expert Michael Cobb explains why it's important to upgrade to newer devices. Continue Reading
-
Answer
07 Sep 2018
How does a WDC vulnerability put hardcoded passwords at risk?
Several vulnerabilities were found in Western Digital's My Cloud, including one that affects the default hardcoded password. Learn how to avoid such risks with expert Nick Lewis. Continue Reading
-
Podcast
06 Sep 2018
Risk & Repeat: Fortnite flaw disclosure enrages Epic Games
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the dispute between Google and Epic Games over a newly disclosed flaw in the Android version of Fortnite. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
28 Aug 2018
Red team assessments and post-assessment posture improvement
Testing an organization's security maturity is crucial for an organization to improve their post-assessment posture. Learn how red teaming can help this situation with Matt Pascucci. Continue Reading
-
Podcast
09 Aug 2018
Risk & Repeat: Can Disclose.io help protect vulnerability researchers?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Disclose.io project and what it could mean for the future of security research and vulnerability disclosure. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
09 Aug 2018
UPnP vulnerability: How is the UPnP protocol being misused?
The UPnP protocol is being misused to distribute malware through home routers. Expert Michael Cobb explains the UPnP vulnerability and how to defend against it. Continue Reading
-
Feature
07 Aug 2018
Bugcrowd CTO explains crowdsourced security benefits and challenges
In part two of this interview, Bugcrowd founder and CTO Casey Ellis discusses the value of crowdsourced vulnerability research, as well as some of the challenges. Continue Reading
By- Rob Wright, Senior News Director
-
Conference Coverage
02 Aug 2018
Black Hat 2018 conference coverage
The SearchSecurity team covers the latest threats and vulnerabilities featured at this year's Black Hat USA with news, interviews and more from Las Vegas. Continue Reading
-
Feature
31 Jul 2018
Bugcrowd CTO on the need for responsible disclosure policy, 'good faith'
Bugcrowd founder and CTO Casey Ellis talks about his concerns that the era of 'good faith' between security researchers and enterprises is in jeopardy. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
26 Jul 2018
How does SirenJack put emergency warning systems at risk?
Bastille researchers created the SirenJack proof of concept to show how a vulnerability could put San Francisco's emergency warning system at risk. Judith Myerson explains how it works. Continue Reading
-
Answer
13 Jul 2018
Drupalgeddon 2.0: Why is this vulnerability highly critical?
A recently discovered Drupal vulnerability in its open source CMS allowed attackers to control websites. Learn how almost one million sites were affected with Michael Cobb. Continue Reading
-
Answer
14 Jun 2018
Golden SAML: How can it abuse SAML authentication protocol?
CyberArk researchers created an attack called Golden SAML that uses Mimikatz techniques and applied it to a federated environment. Learn more about the attack with Nick Lewis. Continue Reading
-
Answer
11 Jun 2018
AVGater vulnerability: How are antivirus products impacted?
A security researcher recently discovered a new vulnerability -- the AVGater vulnerability -- that puts antivirus products at risk. Discover how this vulnerability works with Nick Lewis. Continue Reading
-
Answer
31 May 2018
How has a Broadcom flaw affected the Lenovo ThinkPad?
A previously disclosed flaw found in Broadcom's Wi-Fi controller chips is now believed to affect the Lenovo ThinkPad. Learn how this vulnerability works with expert Judith Myerson. Continue Reading
-
Answer
31 May 2018
How do BGP flaws affect Quagga routing software?
Multiple Border Gateway Protocol vulnerabilities were found impacting security in the Quagga routing software. Expert Judith Myerson explains how these flaws impact systems. Continue Reading
-
Answer
30 May 2018
How are Linear eMerge E3 systems vulnerable to attacks?
ICS-CERT issued a warning about a new vulnerability in Nortek Linear eMerge E3 products. Discover what this vulnerability is and how it affects access control for enterprises. Continue Reading
-
Answer
29 May 2018
How was a Cisco firewall vulnerability exploited by threat actors?
Threat actors exploited a critical Cisco firewall vulnerability that received a CVSS score of 10. Discover how this flaw works and how it was exploited with Judith Myerson. Continue Reading
-
Tip
24 May 2018
How the Meltdown and Spectre vulnerabilities impact security
The Meltdown and Spectre vulnerabilities impact the physical and hardware security of systems, making them extremely difficult to detect. Learn how to prevent these attacks with Nick Lewis. Continue Reading
-
Answer
17 May 2018
SSH private keys: How do threat actors find exposed keys?
Cybersecurity vendor Wordfence reported a rise in scans for SSH private keys that are often accidentally exposed to the public. Learn how to stay protected with Nick Lewis. Continue Reading
-
Answer
15 May 2018
How does the KRACK vulnerability use encryption keys?
The KRACK vulnerability was found in the WPA2 protocol for wireless networks and it enables attackers to crack encrypted connections. Learn how it works from Nick Lewis. Continue Reading
-
News
27 Apr 2018
Keycard vulnerability threatens millions of hotel rooms
News roundup: Researchers found a keycard vulnerability that enabled them to enter millions of hotel rooms worldwide. Plus, Yahoo has been fined $35 million by the SEC, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
20 Apr 2018
Keeper Security forms vulnerability disclosure program with Bugcrowd
Following its controversial lawsuit against an Ars Technica security reporter, Keeper Security has teamed with Bugcrowd on a formal vulnerability disclosure program. Continue Reading
By- Rob Wright, Senior News Director
-
News
19 Apr 2018
Moussouris: Bug bounty programs need to avoid jumping the shark
Bug bounty programs may seem to offer salvation at a bargain price for securing networks and systems, but Katie Moussouris offers tips for avoiding major pitfalls. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Opinion
03 Apr 2018
Marcus Ranum decodes hardware vulnerabilities with Joe Grand
Computer hardware designs with dangerous security flaws? That's no surprise to renowned hardware hacker Grand. Continue Reading
-
Tip
16 Mar 2018
Addressing vulnerable web systems that are often overlooked
Web security vulnerability scanners often focus on large applications within the enterprise. However, there are plenty of overlooked web systems that contain hidden flaws. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
News
09 Mar 2018
Tenable introduces Lumin cyber exposure platform
Tenable.io Lumin enables organizations to gauge their 'cyber exposure' to vulnerabilities and allows them to compare remediation efforts against industry benchmark data. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
19 Feb 2018
Use software forensics to uncover the identity of attackers
By analyzing the proverbial fingerprints of malicious software -- its program code -- infosec pros can gain meaningful insights into an attacker's intent and identity. Continue Reading
-
News
26 Jan 2018
Intel Spectre vulnerability memo raises questions of OEM disclosures
Intel first learned of the Spectre vulnerabilities on June 1, but a confidential document shows the chipmaker didn't inform OEM partners until almost six months later. Continue Reading
By- Rob Wright, Senior News Director
-
Blog Post
26 Jan 2018
Blizzard security flaw should put game developers on notice
A newly-discovered Blizzard security bug, which affected all of the company's popular PC games including Overwatch, should serve as a warning for the video game industry. Continue Reading
By- Rob Wright, Senior News Director
-
News
25 Jan 2018
Electron framework flaw puts popular desktop apps at risk
The Electron framework -- used to develop desktop apps using web code -- included a remote code execution flaw that was passed on to popular apps like Slack. Continue Reading
By- Michael Heller, TechTarget
-
Tip
24 Jan 2018
A Windows vulnerability scan should leave no stones unturned
When it comes to scanning for vulnerabilities in Windows, IT pros need to run both authenticated and unauthenticated scans so they can see the deployment from every angle. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Answer
17 Jan 2018
Confused deputy: How did the vulnerability affect Slack?
A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this 'confused deputy' problem was handled. Continue Reading
-
News
04 Jan 2018
Meltdown and Spectre patches and mitigations released
Vendors released the vulnerability disclosures and patches for the new Meltdown and Spectre CPU attacks as the infosec industry begins mitigating risks. Continue Reading
By- Michael Heller, TechTarget
-
Answer
04 Jan 2018
Vulnerability scans: How effective are they for web apps?
Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can be missed by security teams. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Tip
19 Dec 2017
Get great results from authenticated vulnerability scanning
Here are five things you can do to successfully prepare and run authenticated vulnerability scanning and, in the end, achieve the most protection. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Quiz
08 Dec 2017
CISSP Domain 5 quiz: Types of access control systems
Get ready for the CISSP exam with this 10-question practice quiz covering key concepts in Domain 5, including access control, identity, authentication and more. Continue Reading
-
Opinion
05 Dec 2017
Active Cyber Defense Certainty Act: Should we 'hack back'?
With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill. Continue Reading
-
News
21 Nov 2017
Multiple Intel firmware vulnerabilities in Management Engine
Security researchers tested the controversial Intel Management Engine and other products, finding multiple Intel firmware vulnerabilities. Continue Reading
By- Michael Heller, TechTarget
-
News
03 Nov 2017
Researchers hack iOS 11 at Mobile Pwn2Own 2017
Security researchers competing at Mobile Pwn2Own 2017 used multiple vulnerabilities to hack iOS 11 in order to execute code and win prizes. Continue Reading
By- Michael Heller, TechTarget
-
Feature
01 Nov 2017
The vulnerability management process after Equifax
Cataclysmic security incidents highlight the importance of a vulnerability management program versus a patch management system. Here's how to implement a risk-based approach. Continue Reading
By- James Ringold, Westinghouse Electric Company
-
News
31 Oct 2017
Google Buganizer flaw reveals unpatched vulnerability details
A security researcher earned more than $15,000 by finding three flaws in the Google Issue Tracker, aka Buganizer, which revealed details on unpatched vulnerabilities. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
26 Oct 2017
Risk & Repeat: Is vulnerability marketing problematic?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss vulnerability marketing and compare how the recent KRACK attack and ROCA flaw were publicized and promoted. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
24 Oct 2017
How automated web vulnerability scanners can introduce risks
While automation is a key ingredient for security, it can't always be trusted. This especially holds true when running web vulnerability scanners, as Kevin Beaver explains. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Answer
05 Oct 2017
How does a private bug bounty program compare to a public program?
Explore the differences of public versus private bug bounty programs, as well as the benefits of each one. Expert Mathew Pascucci explains the risk and return of both programs. Continue Reading
-
News
28 Sep 2017
Network lateral movement from an attacker's perspective
A security researcher describes the network lateral movement process from an attacker's perspective and a few key points of focus for IT pros, at DerbyCon. Continue Reading
By- Michael Heller, TechTarget