New & Notable
Penetration testing, ethical hacking and vulnerability assessments News
February 26, 2019
Security expert Art Manion discusses what he calls major problems within the Common Vulnerability Scoring System and explains why CVSS needs to be replaced.
February 21, 2019
GitHub's bug bounty program for 2019 increases the reward money for researchers who find security vulnerabilities in the company's code.
November 15, 2018
During the Securing the Enterprise conference at MIT's CSAIL, BT Security CEO Mark Hughes discusses the benefits and challenges red teaming has presented to his company.
September 28, 2018
The DEF CON report from the 2018 Voting Village paints a troubling picture for election equipment vendors, including a machine with a flaw known since 2007 left unpatched.
Penetration testing, ethical hacking and vulnerability assessments Get Started
Bring yourself up to speed with our introductory content
In this Mimikatz tutorial, learn about the password and credential dumping program, where you can acquire it and how easy it makes it to compromise system passwords. Continue Reading
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Continue Reading
A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems. Continue Reading
Evaluate Penetration testing, ethical hacking and vulnerability assessments Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
The UPnP protocol is being misused to distribute malware through home routers. Expert Michael Cobb explains the UPnP vulnerability and how to defend against it. Continue Reading
If unsafe computer systems scare the living daylights out of you, tune into this webinar on how to do authenticated vulnerability scans to avoid system damage. Continue Reading
With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill. Continue Reading
Manage Penetration testing, ethical hacking and vulnerability assessments
Learn to apply best practices and optimize your operations.
This five-step approach to web application security testing with documented results will help keep your organization's applications free of flaws. Continue Reading
A vulnerability was found in Western Digital's My Cloud NAS device that can be easily exploited by hackers. Discover what this vulnerability is and how users can be protected. Continue Reading
FragmentSmack, a DDoS vulnerability first discovered in Linux, affects Windows as well as nearly 90 Cisco products. Discover how it can be exploited with Judith Myerson. Continue Reading
Problem Solve Penetration testing, ethical hacking and vulnerability assessments Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
An exploit code for Dirty COW was accidentally shipped by Cisco with product software. Learn how this code ended up in a software release and what this vulnerability can do. Continue Reading
A D-Link router vulnerability was used to send banking users to a fake site in order to steal their information. Learn more about this vulnerability with expert Judith Myerson. Continue Reading
Learn to use the Wireshark protocol analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer to inspect and analyze network traffic. Continue Reading