Articles by Tag #pentest
Browse our collection of articles on various topics related to IT technologies. Dive in and explore something new!
Linux Filesystem Hierarchy
Navigating Linux for the first time can feel overwhelming: where do files go, what do all those...
Cracking the Shell: Enumerating SMB and SSH in the INE Skill Check Lab
Hello or welcome back, depending on whether you read my past article. This one will detail another...
HackTeam.RED: From API Keys to Full Infrastructure Compromise
🚀 HackTeam.RED: From API Keys to Full Infrastructure Compromise Professional Penetration...
Kubernetes Pentest Methodology: Cluster Security from an Attacker's Perspective
Explaining penetration testing methodologies for Kubernetes environments. Visualizing RBAC abuse after Legacy Token deprecation, attacks evading VAP, and the latest trends in container escape using Mermaid diagrams.
From Enumeration to Exploitation: How a Hidden Directory Unlocked Sensitive User Data
1. Introduction & Target Overview Targeted in this engagement was a web application...
The Art of Recon: What Happens When a Target Only Has One Door?
1. Introduction: The Importance of Reconnaissance A penetration tester must respond to the...
Git Tales: Secrets in the Shadows
Part 1 of 3 in Git Tales Series Enter fullscreen mode Exit fullscreen mode ...
🚀 AstralGuard Cyber Night Talk: Exploring the Future of AI & Cybersecurity 🛡️🤖
AstralGuard Cyber Academy invites cybersecurity professionals, beginners, and enthusiasts to an...
Git Tales: Part 2 - Demons in the Cloud
Part 2 of 3 in Git Tales Series Enter fullscreen mode Exit fullscreen mode ...
Hack The Box - Redeemer (Redis)
I will cover solution steps of the "Redeemer" machine, which is part of the 'Starting Point' labs and...
Criando um Port Scan com Python3
Introdução No artigo de hoje, vamos desenvolver um Port Scan utilizando Python 3, mas,...
How i Became a Pentester | Como me Tornei um Pentester
🇬🇧 - Hello, nice to meet you, my name is Gustavo and I’m a Pentester for about one and a half years,...
Пентестинг: основы, преимущества и применение
Пентестинг представляет собой комплексное тестирование, в ходе которого специалисты атакуют системы...
🔐 Top 8 API Pentesting Tools Every Developer & Security Pro Should Know
APIs are the unsung heroes of modern apps—but they also open doors to attackers. Whether you’re...
Next.js Middleware Broken Access Controls
Recently, an Authorization Bypass vulnerability was discovered in the Next.js framework (one of the...
2FA Bypass via Response Manipulation
You know that vulnerability that says "the developer must have the intention to collaborate with an...
Understanding a Netcat-Based Reverse Shell Using FIFO
One-liners like the following are often used in offensive security contexts to establish shell access...
Инструменты пентестера: nmap, sqlmap, netcat – Исследование, Эксплуатация, Взаимодействие
Профессия пентестера (тестировщика на проникновение) требует не только глубоких знаний сетевых...
Web Cache Deception Attacks
Web Cache Deception is a vulnerability first described in 2017. It occurs when a caching system —...
Attacking WebDAV Protocol
WebDAV (Web-based Distributed Authority Version) is a legacy protocol that can be defined as an...
![[REPOST] Installing Genymotion for Android App Pentesting: The Definitive Guide](https://media2.dev.to/dynamic/image/width=1000,height=420,fit=cover,gravity=auto,format=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7m76bhi1cncal3oq8xxg.png)
[REPOST] Installing Genymotion for Android App Pentesting: The Definitive Guide
With the growing use of mobile applications, the security of these applications has become a key...
Basics of Pentest on AWS Environment
Basics of Pentest on an AWS Environment Preparation and Authorization a. Obtain...
Misusing OAuth 2.0 Client Credentials in Public Apps — A Security Breakdown
Public-facing apps like React, Flutter, or plain JavaScript often make a critical OAuth mistake: they...
![Getting Started - Web Enumeration Walkthrough (Hack The Box) [Hindi]](https://media2.dev.to/dynamic/image/width=1000,height=500,fit=cover,gravity=auto,format=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvq7twwfz98hl4cjtbvxc.png)
Getting Started - Web Enumeration Walkthrough (Hack The Box) [Hindi]
🛠 Getting Started - Web Enumeration Walkthrough (Hack The Box) [Hindi]: 💡 Question: Run some of the...
Mastering Cybersecurity: A Guide to Pentest+, CySA+, and SecurityX Certifications
Introduction As cyber threats continue to evolve, organizations require skilled...
Why “Think Like an Attacker” is harmful FT: Threat Modeling?
Before we start , just quick reminder it’s Threat Modeling not Modelling. Now let recall basic...
Hacking Hidden Paths with ffuf - Web Fuzzing Made Simple
A couple of weeks ago, someone emailed me some personal files and videos I have forgotten I have left...
![Getting Started - Web Enumeration Walkthrough (Hack The Box) [Urdu]](https://media2.dev.to/dynamic/image/width=1000,height=500,fit=cover,gravity=auto,format=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe0fjpr61hl5yu68932r9.png)
Getting Started - Web Enumeration Walkthrough (Hack The Box) [Urdu]
🛠 Getting Started - Web Enumeration Walkthrough (Hack The Box) [Urdu] 💡 Question: Run some of the...
Getting Started - Web Enumeration Walkthrough (Hack The Box)
🛠 Getting Started - Web Enumeration Walkthrough (Hack The Box): > 💡 Question: Run some...
MCP + VS Code: Assisted pentest on an HTB box — from install to first flag
TL;DR: In this tutorial you will install Kali + MCP from scratch, connect VS Code as an MCP client,...