Get started
Bring yourself up to speed with our introductory content.
Penetration testing ethical hacking and vulnerability assessments
Put application security testing at the top of your do-now list
It's time to take a new attitude toward application security. Learn what must be tested and the specific steps that will take your apps from vulnerable to fortified. Continue Reading
Craft an effective application security testing process
For many reasons, only about half of all web apps get proper security evaluation and testing. Here's how to fix that stat and better protect your organization's systems and data. Continue Reading
Port Scan
A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services -- each associated with a "well-known" port number -- the computer provides. Continue Reading
-
Do you have the right set of penetration tester skills?
Pen testing is more than just the fun of breaking into systems. Learn about the critical penetration tester skills potential candidates must master to become proficient in their career path. Continue Reading
application whitelisting
Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system. Continue Reading
CompTIA PenTest+ practice test questions to assess your knowledge
Think you're ready to take the CompTIA PenTest+ certification exam? Test your skill set with some of the sample multiple-choice questions you may be facing.Continue Reading
6 different types of hackers, from black hat to red hat
Black, white and grey hats are familiar to security pros, but as the spectrum evolves to include green, blue and red, things get muddled. Brush up on types of hackers, new and old.Continue Reading
Penetration testing vs. red team: What's the difference?
Is penetration testing the same as red team engagement? There are similarities, but they're not the same. Understand the differences to improve your organization's cyberdefenses.Continue Reading
What are the benefits and challenges of cloud penetration testing?
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help inform cloud pen test strategies.Continue Reading
How does AttackSurfaceMapper help with attack surface mapping?
A new open source pen testing tool expedites attack surface mapping -- one of the most important aspects of any penetration testing engagement.Continue Reading
-
How to build an enterprise penetration testing plan
Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe.Continue Reading
Wireshark tutorial: How to use Wireshark to sniff network traffic
Learn how to use the Wireshark packet analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer for network traffic analysis and inspection.Continue Reading
Words to go: Email phishing security
IT teams must take precautionary measures to address cybersecurity awareness, particularly when it comes to email. Refer to this list of email security terms to mitigate risks.Continue Reading
Mimikatz tutorial: How it hacks Windows passwords, credentials
In this Mimikatz tutorial, learn about the password and credential dumping program, where you can acquire it and how easy it makes it to compromise system passwords.Continue Reading
pen test (penetration testing)
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.Continue Reading