#PenTest

0 posts0 participants0 posts today

0x40kOh man, Fortinet *yet again*! 😅 A symlink bug that *still grants* read-only access even after updates? Seriously, that's my kind of 'funny'! 😂It just goes to show how crucial manual testing really is. You know, the kind of thing automated scans often just don't catch. Our clients are *always* relieved when we spot these things before a malicious actor does! 👌So yeah, updates are vital, but *don't forget* to double-check those configs! Otherwise, attackers might still have a foothold, even after you've 'patched'.Just remember: Security isn't just a product you buy; it's an ongoing process. And let's be real, it also needs to fit the budget. 🤷‍♂️What persistence tricks do you all have up your sleeve? 🤔<a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fortinet</a> <a href="https://infosec.exchange/tags/SecurityFail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityFail</a> <a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OffensiveSecurity</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a>

Will HuntTop <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hashcat</a> tip:Want per-position duplication in your rules to leverage your GPU?It's not available in a single op, but you can emulate it by incrementally duplicating the first N chars, and then incrementally deleting the position and frequency of the redundant characters<a href="https://infosec.exchange/tags/password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#password</a> <a href="https://infosec.exchange/tags/passwordcracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordcracking</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a>

fuomag9According to the <a href="https://kiwi.fuo.fi/tags/OVH" rel="nofollow noopener noreferrer" target="_blank">#OVH</a> <a href="https://kiwi.fuo.fi/tags/tos" rel="nofollow noopener noreferrer" target="_blank">#tos</a> if I do a <a href="https://kiwi.fuo.fi/tags/pentest" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> on my infrastructure and services I do have to send them a report with all the vulnerabilities. <a href="https://contract.eu.ovhapis.com/1.0/pdf/contrat_genServices-it.pdf" rel="nofollow noopener noreferrer" target="_blank">https://contract.eu.ovhapis.com/1.0/pdf/contrat_genServices-it.pdf</a> (Article 3.9) And they are going to fix them for free for me right? /s

0x40kAlright folks, just a quick heads-up from your friendly neighborhood pentester: Office docs? Yeah, they're *still* a massive playground for attackers. 🤯Sure, keeping things updated is vital, *but* let's be real: social engineering still wears the crown. Honestly, the least suspecting user often ends up being the biggest security gap in the network.Just saw this play out at a client's site recently. An employee clicked open a seemingly innocent Word doc... hiding a nasty phishing link. And *poof*, their credentials were gone. 🙈 Can happen just like that.Now, AI *can* lend a hand here, but tread carefully. The tech's evolving way faster than most people can adapt. That makes disinformation and manipulation seriously huge threats we need to watch out for.So, what's the game plan? Awareness training – it's absolutely worth its weight in gold! Plus, fostering a healthy dose of skepticism is key, even when it feels like a drag sometimes. You gotta stay sharp.How are *you* shielding your users from these kinds of attacks? Let me know! 🤔<a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/securityawareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityawareness</a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phishing</a>

Root MooseThis whole <a href="https://root.moose.ca/tags/FediverseChick" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FediverseChick</a> thing smells like penetration testing to me.<a href="https://root.moose.ca/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://root.moose.ca/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a> <a href="https://root.moose.ca/tags/Fediverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fediverse</a>

Iceman🚀 Proxmark3 v4.20142 "Blue Ice" is live! 🎉 With 20,000 commits, this community-driven release brings powerful new features for RFID security. Huge thanks to all contributors! 🔓🔧 <a href="https://chaos.social/tags/RFIDHacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RFIDHacking</a> <a href="https://chaos.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://chaos.social/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a> <a href="https://chaos.social/tags/Proxmark3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Proxmark3</a> <a href="https://chaos.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://chaos.social/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeam</a><a href="https://github.com/RfidResearchGroup/proxmark3/releases" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/RfidResearchGroup/proxmark3/releases</a>

Shawn Hooper (he/him)Looking for a good Canadian pen tester for a web application. Specifically one who bills in CAD. Any recommendations? <a href="https://fosstodon.org/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://fosstodon.org/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://fosstodon.org/tags/canada" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#canada</a>

buheratorThis is a pretty good summary of <a class="hashtag" href="https://infosec.place/tag/pentest" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> as a profession: <a href="https://www.reddit.com/r/Pentesting/comments/1ixoq2g/pentesting_is_the_hardest_cybersecurity/" rel="nofollow noopener noreferrer" target="_blank">https://www.reddit.com/r/Pentesting/comments/1ixoq2g/pentesting_is_the_hardest_cybersecurity/</a> (I don't think comparisons to other fields makes much sense though)

Andrew ElwellWhile refitting my workshop/shed I'm going to fit a microswitch behind the strike plate (mortice lock - something similar to the <a href="https://eshop.assaabloyopeningsolutions.nz/microswitch-keep-8400-100000-5f88b6e1cbcf7" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://eshop.assaabloyopeningsolutions.nz/microswitch-keep-8400-100000-5f88b6e1cbcf7</a> ) to feed into <a href="https://mast.hpc.social/tags/homeassistant" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#homeassistant</a>. Q for <a href="https://defcon.social/@deviantollam" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@deviantollam</a> / <a href="https://mast.hpc.social/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> people tho - what % of places you enter 1) actually have this kinda monitoring in place 2) use / observe / log it?I suspect _very_ small numbers, esp for 2

Arkadiusz WieczorekI need to buy something for a pentester for a gift, what do you recommend?<a href="https://mastodon.internet-czas-dzialac.pl/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://mastodon.internet-czas-dzialac.pl/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentesting</a>

Parrot SecurityParrot 6.3 has landed 🚀🔒 Reinforced security ⚡ Improved performance 🛠️ Updated toolsClick the link and read more on the changelog ⬇️parrotsec.org/blog/2025-01-3…<a href="https://mastodon.social/tags/ParrotSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ParrotSec</a> <a href="https://mastodon.social/tags/ParrotOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ParrotOS</a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://mastodon.social/tags/CybersecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CybersecurityNews</a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://mastodon.social/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a> <a href="https://mastodon.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentesting</a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://mastodon.social/tags/linuxdistro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxdistro</a>

OWASP FoundationThank you, @cobalt_io, for your incredible support as an <a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OWASP</a> Silver Corporate Supporter! We truly appreciate your commitment and are excited to collaborate with you throughout the year. 💙 <a href="https://owasp.org/supporters/list" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://owasp.org/supporters/list</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/nonprofit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nonprofit</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a>

d33p.jsDone, but... just out of curiosity.Should Pentester cleanup after themself?Like, delete all Accounts (they may have created) or remove E-Mail Forwarders from Printers and other Systems?Please retoot to reach more people.<a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/pentester" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentester</a> <a href="https://infosec.exchange/tags/fedihelp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fedihelp</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a>

SkypLabsWe just finished a web and mobile pentest and a technical security review, and are available to accept new clients.We provide services in software engineering, cloud infrastructures, pentesting/security audits, training, and technical writing. We focus on user-respecting, privacy-first, and open-source projects.Feel free to contact us if you need to be security audited or have a project idea.<a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Privacy</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareDevelopment</a> <a href="https://infosec.exchange/tags/SoftwareEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareEngineering</a> <a href="https://infosec.exchange/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://infosec.exchange/tags/CloudInfrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudInfrastructure</a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a>

Scratch Monkey BLU3Good day netizens. Blue has returned after 10 years in tech, once again on the job hunt. I have worked a variety of roles from hands-on computer repair to NOC tech to Sys admin and more. In that time, I have accrued several certifications including the <a href="https://hackers.town/tags/Swimlane" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Swimlane</a> Certified <a href="https://hackers.town/tags/SOAR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SOAR</a> Administrator, <a href="https://hackers.town/tags/CompTIA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CompTIA</a> <a href="https://hackers.town/tags/Network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Network</a>+, <a href="https://hackers.town/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a>+, <a href="https://hackers.town/tags/Pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentest</a>+, <a href="https://hackers.town/tags/CertifiedNetworkVulnerabilityProfessional" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CertifiedNetworkVulnerabilityProfessional</a>, and <a href="https://hackers.town/tags/CASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CASP</a>+. I'm currently looking for <a href="https://hackers.town/tags/remotework" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#remotework</a> for anywhere in the <a href="https://hackers.town/tags/US" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#US</a> . I'm targeting <a href="https://hackers.town/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> roles, since that is what I am passionate about and my certifications are focused in, but I am also open to other IT roles such as software engineer, dev ops, etc. I'm a <a href="https://hackers.town/tags/transgender" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transgender</a> woman trying to provide for her <a href="https://hackers.town/tags/LGBTQIA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LGBTQIA</a> family and any pay would greatly help us make ends meet as we try to survive in this refuge state where the cost of living is so much higher than back home. Boosts and sharing is welcome, thanks for your time and help. <a href="https://hackers.town/tags/getfedihired" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#getfedihired</a> <a href="https://hackers.town/tags/breakingintoinfosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#breakingintoinfosec</a> <a href="https://hackers.town/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://hackers.town/tags/informationtechnology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#informationtechnology</a> <a href="https://hackers.town/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sysadmin</a> <a href="https://hackers.town/tags/netadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#netadmin</a> <a href="https://hackers.town/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> <a href="https://hackers.town/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a>

Tanya Janca | SheHacksPurple :verified: :verified:🎵 Do you need a good laugh? Check out my hilarious new music video, PenTest (no, no, no), a fun spin on a Amy Winehouse's 'Rehab'! 🤣 Tell me if you get the inside jokes! 💥 <a href="https://www.youtube.com/watch?v=NmZcL8CBHeA" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.youtube.com/watch?v=NmZcL8CBHeA</a><a href="https://infosec.exchange/tags/Subscribe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Subscribe</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a> <a href="https://infosec.exchange/tags/imagiantnerd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#imagiantnerd</a>

Tanya Janca | SheHacksPurple :verified: :verified:Hey everyone! 🎵 Need a good laugh? Check out my hilarious new music video, PenTest (no, no, no), a fun spin on a Amy Winehouse's 'Rehab'! 🤣 Tell me if you get the inside jokes! 💥 <a href="https://infosec.exchange/tags/WatchNow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WatchNow</a> <a href="https://infosec.exchange/tags/PleaseShare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PleaseShare</a> <a href="https://infosec.exchange/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a><a href="https://www.youtube.com/watch?v=NmZcL8CBHeA" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.youtube.com/watch?v=NmZcL8CBHeA</a>

Recent searches

Search options

Administered by:

Server stats: