Can you perform a penetration test on a web application that is running on local host and using an XAMPP server? [closed]

I created a basic website that includes a login and signup system. The website uses a MySQL server as the backend to store login information. I want to use Kali Linux to perform a white box test on it as a project for class.
Is this even p…

How to secure a SQL Server database (Windows auth) against a network Windows user (penetration test)

I need to prepare my web app for a penetration test. The scenario is: If one of our Windows users is hacked, what can the hacker do to my app and my database?
I have a virtual machine on our server, which holds a SQL Server Express and a d…

How to test the reaction of an outsourced DDoS protection provider to a DDoS attack, similar to a red teaming engagement?

I work in a security/pentesting company and in the last year the demand for DDoS testing has dramatically increased. The issue is that the customer is not interested in what I call a mislabeled load test, but wants us to test the reaction …

Need help with the process of vulnerability assessing a website [closed]

I joined as an intern at this organization as a supposed cyber security consultant and now I’m expected to conduct a vulnerability assessment of the website and prepare a report on that.
Any suggestions as to what tools I can use for free …

Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security

Your customers expect you to keep their data secure, and this collection of video courses covers everything you need to know about cybersecurity.

What is the best way to spin up vulnerable machines for training purposes? [duplicate]

I am trying to realize which is the best option to have vulnerable virtual machines installed somewhere and run them whenever you want for pentest training or other cloud testing purposes.
Maybe this is something like the TryHackMe platform…