Penetration testing, ethical hacking and vulnerability assessments
In this security testing and ethical hacking guide, you will get info on how to conduct a vulnerability assessment of your network and IT environment with penetration testing and ethical hacking tools and software, ethical hacker training and certifications.
New & Notable
Penetration testing, ethical hacking and vulnerability assessments News
-
September 28, 2018
28
Sep'18
DEF CON report: Election equipment plagued by 10-year-old flaw
The DEF CON report from the 2018 Voting Village paints a troubling picture for election equipment vendors, including a machine with a flaw known since 2007 left unpatched.
-
September 12, 2018
12
Sep'18
Jake Braun discusses the Voting Village at DEF CON
The Voting Village at DEF CON 26 expanded its scope to test every aspect of election security that it could. Organizer Jake Braun discusses how it went and what's next.
-
September 06, 2018
06
Sep'18
Risk & Repeat: Fortnite flaw disclosure enrages Epic Games
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the dispute between Google and Epic Games over a newly disclosed flaw in the Android version of Fortnite.
-
August 09, 2018
09
Aug'18
Risk & Repeat: Can Disclose.io help protect vulnerability researchers?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Disclose.io project and what it could mean for the future of security research and vulnerability disclosure.
Penetration testing, ethical hacking and vulnerability assessments Get Started
Bring yourself up to speed with our introductory content
-
Wireshark tutorial: Using Wireshark to sniff network traffic
Learn to use the Wireshark protocol analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer to inspect and analyze network traffic. Continue Reading
-
ethical hacker
An ethical hacker, also referred to as a white hat hacker, is an information security expert who systematically attempts to penetrate a computer system, network, application or other computing resource on behalf of its owners -- and with their ... Continue Reading
-
honeypot (honey pot)
A honeypot is a computer system that is set up to act as a decoy to lure cyberattacks and to detect, deflect, or study attempts to gain unauthorized access to information systems. Continue Reading
Evaluate Penetration testing, ethical hacking and vulnerability assessments Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
UPnP vulnerability: How is the UPnP protocol being misused?
The UPnP protocol is being misused to distribute malware through home routers. Expert Michael Cobb explains the UPnP vulnerability and how to defend against it. Continue Reading
-
Use an authenticated vulnerability scan to find system flaws
If unsafe computer systems scare the living daylights out of you, tune into this webinar on how to do authenticated vulnerability scans to avoid system damage. Continue Reading
-
Active Cyber Defense Certainty Act: Should we 'hack back'?
With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill. Continue Reading
Manage Penetration testing, ethical hacking and vulnerability assessments
Learn to apply best practices and optimize your operations.
-
How does the APT attack Double Kill work in Office documents?
The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how this is possible with Nick Lewis. Continue Reading
-
White hat Dave Kennedy on purple teaming, penetration testing
Russia and other nation-states use application control bypass techniques because they don't "trigger any alarms," the chief hacking officer says. Continue Reading
-
PulseNet: How do improper authentication flaws affect it?
GE reported an improper authentication flaw in its PulseNet network management software for critical infrastructures. Discover how this flaw works with Judith Myerson. Continue Reading
Problem Solve Penetration testing, ethical hacking and vulnerability assessments Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
Understanding the risk SQL injection vulnerabilities pose
SQL injection vulnerabilities put a system at risk and are often unknown to users. Discover how this web vulnerability works and how to prevent it with expert Kevin Beaver. Continue Reading
-
How does the Android Rowhammer exploit affect users?
Android Rowhammer is a hardware weakness in older devices that puts users at risk of remote exploits. Expert Michael Cobb explains why it's important to upgrade to newer devices. Continue Reading
-
How does a WDC vulnerability put hardcoded passwords at risk?
Several vulnerabilities were found in Western Digital's My Cloud, including one that affects the default hardcoded password. Learn how to avoid such risks with expert Nick Lewis. Continue Reading