penetration-test – Page 7 – WindowsTechs.com

Dos and don’ts during a pentest [closed]

Posted on February 14, 2023 by rudeus123

I will be attempting my first real pentest as a junior pentester in a company (not a CTF). It will be on a web app.
For a first pentest do you think it is sufficient to just follow the OWASP Guide and just check the following list: This li… Continue reading Dos and don’ts during a pentest [closed]→

Need help with the process of vulnerability assessing a website [closed]

Posted on February 14, 2023 by Muhammad Aadil

I joined as an intern at this organization as a supposed cyber security consultant and now I’m expected to conduct a vulnerability assessment of the website and prepare a report on that.
Any suggestions as to what tools I can use for free … Continue reading Need help with the process of vulnerability assessing a website [closed]→

Is Wifi Penetration Testing Dead?

Posted on February 7, 2023 by breachr

"I hack your Wifi in 5 Minutes" still seems to be a hot topic on youtube in 2023, atleast on beginner channels like David Bombal. However, is there still any real world application? Even before the advent of WPA3?
Handshake-Captu… Continue reading Is Wifi Penetration Testing Dead?→

Is Wifi Penetration Testing Dead?

Posted on February 7, 2023 by breachr

Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security

Posted on January 30, 2023 by TechRepublic Academy

Your customers expect you to keep their data secure, and this collection of video courses covers everything you need to know about cybersecurity. Continue reading Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security→

What is the best way to spin up vulnerable machines for training purposes? [duplicate]

Posted on January 26, 2023 by chrysst

I am trying to realize which is the best option to have somewhere installed vulnerable virtual machines and run them whenever you want for Pentest training or other cloudtesting purposes.
Maybe this is something like the TryHackMe platform… Continue reading What is the best way to spin up vulnerable machines for training purposes? [duplicate]→

MobSF Android Activity APK Pentest

Posted on January 19, 2023 by Mr John

it is my first time with MobSF and Android APK assessment. I have found something while testing a specific APK and I am trying to understand the concept behind it:
Under HARDCODED_SECRETS in MobSF, was found a pair of KEY/SECRET related to… Continue reading MobSF Android Activity APK Pentest→

How to leverage GenericAll privilege on a machine account without RBCD?

Posted on January 13, 2023 by Primarch

Suppose a domain user has a GenericAll permission on a machine account, but the computer tied to that machine account is inaccessible, and that same machine account has a GenericAll privilege over a Domain Admin user account. Is it possibl… Continue reading How to leverage GenericAll privilege on a machine account without RBCD?→

How far can we go with deserialization vulnerabilities

Posted on December 31, 2022 by Galatic_1

I recently start to learning some Ethical Hacking, to do pentesting, and i was looking for some advices from the community and some techniques in "deserialization vulnerabilities" on web applications.

Continue reading How far can we go with deserialization vulnerabilities→

How to fix airodump-ng [interface] not displaying aps

Posted on December 30, 2022 by SnEaKz

I am an aspiring pen-tester and am trying to learn the basic skills. I recent got a new asus laptop and it will not list aps when i run airodump. I am using Parrot OS if that is any help. My other laptop would list them(Also running Parrot… Continue reading How to fix airodump-ng [interface] not displaying aps→