8 “hacker” tools I use in every pentest
I am often asked what tools I use during my pentesting, so I decided to share a list of the eight tools that I use every pentest. You might be surprised what is listed, since most of them aren’t...
7 “hacker” tools I use in every web app test
I noticed that Tom has done a list of the most common tools he used on a pentest. I want to follow up on this and do one for web application testing since this is more my background. So the tools I...
Social Engineering Tips
Social Engineering is one of my favorite subjects; this is because it’s so hard to defend against and can be very effective. It does not matter how much you spend on Firewalls, IDE, CCTV and security...
Hardening WordPress
WordPress is a common bit of software that most people use for websites or blogs but not many take the time to secure it. I recently installed WordPress on my website and of course I wanted to make it...
Why do so many websites fail with Passwords?
It seems only more apparent this week that so many websites fail at storing user passwords, with the password dump of LinkedIn, eHarmony and Last.fm passwords this week. The scary thing about it, is there...
Brute Forcing
At some stage or another we have all used Hydra or Medusa to brute force SSH or another protocol. One of the great things about security is there is always another way to do something. Therefore in...
Making a name for yourself
One of the best ways to get noticed in this industry is to make a name for yourself, and here are some tips on how to do this. 1) Attend conferences and network: this is really easy to do depending on...
To program or not to program that is the question?
Many new people to Pen Testing often find themselves asking this question: Do I have to be able to write code in order to be a good Pen Tester? I wanted to try and answer this firstly by saying it...
Geo Tagging
What is Geotagging? “Geotagging (also written as GeoTagging) is the process of adding geographical identification metadata to various media such as a geotagged photograph or video, websites, SMS...
Raspberry Pi Attack
So for anyone who doesn’t know what a Raspberry Pi is, the best way to describe it is a small computer around the size of an iPhone. It has a few USB ports, HDMI, Ethernet and power connection. The great...
What’s in my bag
One of the questions I get now and then relates to contents in my backpack when I go onsite for an internal pentest. I figured a formal blog post might provide some assistance for others interested in...
Social Engineering the Ninja Way
This is an older video that I posted for students, but happy to share with the world. This video is based on my book “Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques”...