#pentesters — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #pentesters, aggregated by home.social.
-
😱 In just one week, over 500,000 people learned how to use #OSINT to prepare for physical #intrusions!
⛓️💥 With several years of experience in physical security audits, Sylvain Hajri, CEO of Epieos, shared his expertise during his interview on #Underscore_ , the leading French #IT and #hacking talk show hosted by #Micode.
Watch the full video here ( 🇨🇵 and 🇺🇲 versions available):
👉 https://www.youtube.com/watch?v=L7dnmHnJbww&t=2008s&ab\_channel=Underscore\_🥷 This video, it’s an excellent way for #pentesters and #cybersecurity professionals to educate those around them, both individuals and organizations, about what #redteams are and how they operate.
-
😱 In just one week, over 500,000 people learned how to use #OSINT to prepare for physical #intrusions!
⛓️💥 With several years of experience in physical security audits, Sylvain Hajri, CEO of Epieos, shared his expertise during his interview on #Underscore_ , the leading French #IT and #hacking talk show hosted by #Micode.
Watch the full video here ( 🇨🇵 and 🇺🇲 versions available):
👉 https://www.youtube.com/watch?v=L7dnmHnJbww&t=2008s&ab\_channel=Underscore\_🥷 This video, it’s an excellent way for #pentesters and #cybersecurity professionals to educate those around them, both individuals and organizations, about what #redteams are and how they operate.
-
😱 In just one week, over 500,000 people learned how to use #OSINT to prepare for physical #intrusions!
⛓️💥 With several years of experience in physical security audits, Sylvain Hajri, CEO of Epieos, shared his expertise during his interview on #Underscore_ , the leading French #IT and #hacking talk show hosted by #Micode.
Watch the full video here ( 🇨🇵 and 🇺🇲 versions available):
👉 https://www.youtube.com/watch?v=L7dnmHnJbww&t=2008s&ab\_channel=Underscore\_🥷 This video, it’s an excellent way for #pentesters and #cybersecurity professionals to educate those around them, both individuals and organizations, about what #redteams are and how they operate.
-
😱 In just one week, over 500,000 people learned how to use #OSINT to prepare for physical #intrusions!
⛓️💥 With several years of experience in physical security audits, Sylvain Hajri, CEO of Epieos, shared his expertise during his interview on #Underscore_ , the leading French #IT and #hacking talk show hosted by #Micode.
Watch the full video here ( 🇨🇵 and 🇺🇲 versions available):
👉 https://www.youtube.com/watch?v=L7dnmHnJbww&t=2008s&ab\_channel=Underscore\_🥷 This video, it’s an excellent way for #pentesters and #cybersecurity professionals to educate those around them, both individuals and organizations, about what #redteams are and how they operate.
-
😱 In just one week, over 500,000 people learned how to use #OSINT to prepare for physical #intrusions!
⛓️💥 With several years of experience in physical security audits, Sylvain Hajri, CEO of Epieos, shared his expertise during his interview on #Underscore_ , the leading French #IT and #hacking talk show hosted by #Micode.
Watch the full video here ( 🇨🇵 and 🇺🇲 versions available):
👉 https://www.youtube.com/watch?v=L7dnmHnJbww&t=2008s&ab\_channel=Underscore\_🥷 This video, it’s an excellent way for #pentesters and #cybersecurity professionals to educate those around them, both individuals and organizations, about what #redteams are and how they operate.
-
El lado del mal - The Hacker Labs: Aprender a ser Pentester haciendo retos CTF https://www.elladodelmal.com/2025/05/the-hacker-labs-aprender-ser-pentester.html #CTF #hacking #Pentest #Pentesting #Pentesters #CON
-
#pentesters : What are some gripes you have with Burp and/or Caido?
-
Really excited to be presenting Faction at @phreaknic 25! If you're tired of writing
#pentest
reports and wish to collaborate more with your fellow
#pentesters
then check out my talk 5:00pm - 5:30pm on Friday Nov. 8 🚀 -
ran ptf on the kali ai lab box after inaging and doing timeshift incremental backups - the python venv is kind of confusing, it used to be basic and straightforward, now it is a bit more involved #ptf #install it all #standards committee #pentesters framework github
-
#Hacking is not just #OldSchool tooling and techniques. Modern #MobileApps are a fun target for #ReverseEngineers and #Pentesters alike. A fundamental tool to properly hack mobile apps is @fridadotre by @oleavr.
We continue our tour of my @github projects with my humble contributions to this field:
https://github.com/0xdea/frida-scriptsFor a well-maintained project that includes some of my #Frida scripts, check out #Brida by @apps3c and Piergiovanni Cipolloni:
https://github.com/federicodotta/BridaAnd even after many years, if you search for well-crafted Frida scripts to bypass certificate pinning or root detection, there’s a very good chance that you’ll stumble upon the work of some of my colleagues… Very proud of my team at @hnsec!
-
#Hacking is not just #OldSchool tooling and techniques. Modern #MobileApps are a fun target for #ReverseEngineers and #Pentesters alike. A fundamental tool to properly hack mobile apps is @fridadotre by @oleavr.
We continue our tour of my @github projects with my humble contributions to this field:
https://github.com/0xdea/frida-scriptsFor a well-maintained project that includes some of my #Frida scripts, check out #Brida by @apps3c and Piergiovanni Cipolloni:
https://github.com/federicodotta/BridaAnd even after many years, if you search for well-crafted Frida scripts to bypass certificate pinning or root detection, there’s a very good chance that you’ll stumble upon the work of some of my colleagues… Very proud of my team at @hnsec!
-
#Hacking is not just #OldSchool tooling and techniques. Modern #MobileApps are a fun target for #ReverseEngineers and #Pentesters alike. A fundamental tool to properly hack mobile apps is @fridadotre by @oleavr.
We continue our tour of my @github projects with my humble contributions to this field:
https://github.com/0xdea/frida-scriptsFor a well-maintained project that includes some of my #Frida scripts, check out #Brida by @apps3c and Piergiovanni Cipolloni:
https://github.com/federicodotta/BridaAnd even after many years, if you search for well-crafted Frida scripts to bypass certificate pinning or root detection, there’s a very good chance that you’ll stumble upon the work of some of my colleagues… Very proud of my team at @hnsec!
-
#Hacking is not just #OldSchool tooling and techniques. Modern #MobileApps are a fun target for #ReverseEngineers and #Pentesters alike. A fundamental tool to properly hack mobile apps is @fridadotre by @oleavr.
We continue our tour of my @github projects with my humble contributions to this field:
https://github.com/0xdea/frida-scriptsFor a well-maintained project that includes some of my #Frida scripts, check out #Brida by @apps3c and Piergiovanni Cipolloni:
https://github.com/federicodotta/BridaAnd even after many years, if you search for well-crafted Frida scripts to bypass certificate pinning or root detection, there’s a very good chance that you’ll stumble upon the work of some of my colleagues… Very proud of my team at @hnsec!
-
#Hacking is not just #OldSchool tooling and techniques. Modern #MobileApps are a fun target for #ReverseEngineers and #Pentesters alike. A fundamental tool to properly hack mobile apps is @fridadotre by @oleavr.
We continue our tour of my @github projects with my humble contributions to this field:
https://github.com/0xdea/frida-scriptsFor a well-maintained project that includes some of my #Frida scripts, check out #Brida by @apps3c and Piergiovanni Cipolloni:
https://github.com/federicodotta/BridaAnd even after many years, if you search for well-crafted Frida scripts to bypass certificate pinning or root detection, there’s a very good chance that you’ll stumble upon the work of some of my colleagues… Very proud of my team at @hnsec!
-
I'm happy to be here and after thinking about attending a security test course I decided to focus on creating a #GNU #Linux #Debian #distro which is focused on #security for #sysadmins #developers #pentesters and #artists called #procyberian #ProcyberianSystemsDistribution and then now let's say #happhacking !
https://github.com/procyberian is our home for our projects ! #github
Thanks !
-
I'm happy to be here and after thinking about attending a security test course I decided to focus on creating a #GNU #Linux #Debian #distro which is focused on #security for #sysadmins #developers #pentesters and #artists called #procyberian #ProcyberianSystemsDistribution and then now let's say #happhacking !
https://github.com/procyberian is our home for our projects ! #github
Thanks !
-
I'm happy to be here and after thinking about attending a security test course I decided to focus on creating a #GNU #Linux #Debian #distro which is focused on #security for #sysadmins #developers #pentesters and #artists called #procyberian #ProcyberianSystemsDistribution and then now let's say #happhacking !
https://github.com/procyberian is our home for our projects ! #github
Thanks !
-
I'm happy to be here and after thinking about attending a security test course I decided to focus on creating a #GNU #Linux #Debian #distro which is focused on #security for #sysadmins #developers #pentesters and #artists called #procyberian #ProcyberianSystemsDistribution and then now let's say #happhacking !
https://github.com/procyberian is our home for our projects ! #github
Thanks !
-
I'm happy to be here and after thinking about attending a security test course I decided to focus on creating a #GNU #Linux #Debian #distro which is focused on #security for #sysadmins #developers #pentesters and #artists called #procyberian #ProcyberianSystemsDistribution and then now let's say #happhacking !
https://github.com/procyberian is our home for our projects ! #github
Thanks !
-
With the new #opensource tool Swagger Jacker, #pentesters can automate analysis of response codes for each #API defined route, streamline manual testing capabilities with #curl command creation, and gather #endpoint routes.
-
Hey, #appsec and #pentesters ! how many of you use automated report-writing tools for security assessments and what do you use?
-
Auditing #API endpoints after discovering a public hosted specification file is no small feat for #pentesters. Enter the new #opensource tool from Tony West (@un4gi_io), Swagger Jacker. He’ll walk you through how to use this new #pentesting tool in our next #BFLive training session. 🔨
And afterwards, we’ll be doing a quick #AMA with Tony in our #Discord server, which you can join at the link! It’s an active group consisting of 1600+ #infosec community members.
-
#pentesters when ever an inconvenience happens #hacking #infosec meme
-
Question for all #pentesters : Assume you have got access to user's Home directory via a exploit which allows you to read the file if you know the file name. What files would you like to read?
-
The Weird, Big-Money World of Cybercrime Writing Contests - The competitions, which are held on Russian-language cybercrime forums, offer prize money... - https://www.wired.com/story/hacking-contests-cybercriminals/ #security/cyberattacksandhacks #security/securitynews #pentesters #security
-
Lots of useful information in this article for both #researchers and #pentesters (and #defenders of course)
#mTLS: When certificate authentication is done wrong
https://github.blog/2023-08-17-mtls-when-certificate-authentication-is-done-wrong/
-
PowerShell commands, scripts and payloads to Enumerate, Edit and manipulate Windows Systems: https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters
-
I actually did useful #InfoSec work today. Picked apart a “Free Security Scan!” report tossed at us by an irate client.
I really wish cheap-ass “#pentesters” would learn to recognize distro-maintained versions of major packages. I do not need a list of the scores of CVE’s for httpd that have been mitigated by ASF since RedHat bumped the nominal version of their custom-patched package. Scans like that just make people angry at their lazy sysadmins. Who are not in fact being lazy.
-
Building detailed maps of web applications and their supporting #JavaScript code and files is paramount to #vulnerability discovery in #offensivesecurity testing.
But for #pentesters, discovering the deepest, darkest secrets in JavaScript can be like mining for gold, sifting through copious amounts of extraneous information to find the smallest bits of criticality that expose weak points in applications. Knowing where to turn for the latest and greatest JavaScript mining tool developments is worth its weight in gold for #offsec practitioners needing to constantly increase efficiency and efficacy in web application penetration testing.
See how the #opensource tool jsluice can help during the next #BFLive #ToolTalk, featuring @tomnomnom.
bfx.social/3PQ85I2
-
Jsluice is the newest tool from Tom Hudson, and in this month's #ToolTalk #BFLive event, he'll show you how to get the most from this #opensource, Go package and command-line tool used for extracting URLs, paths, secrets, and other interesting data from #JavaScript source code. This is a must-watch for #pentesters.
-
Have you added CloudFoxable to your playground #AWS account? This tool by @sethsec is built to help #pentesters with AWS #Cloud testing, while showcasing CloudFox’s capabilities that help locate latent #attackpaths. It is inspired by #CloudGoat, flaws.cloud, and #Metasploitable. https://bfx.social/43T4dtK
-
Have you added CloudFoxable to your playground #AWS account? This tool by @sethsec is built to help #pentesters with AWS #Cloud testing, while showcasing CloudFox’s capabilities that help locate latent #attackpaths. It is inspired by #CloudGoat, flaws.cloud, and #Metasploitable. https://bfx.social/43T4dtK
-
Have you added CloudFoxable to your playground #AWS account? This tool by @sethsec is built to help #pentesters with AWS #Cloud testing, while showcasing CloudFox’s capabilities that help locate latent #attackpaths. It is inspired by #CloudGoat, flaws.cloud, and #Metasploitable. https://bfx.social/43T4dtK
-
Have you added CloudFoxable to your playground #AWS account? This tool by @sethsec is built to help #pentesters with AWS #Cloud testing, while showcasing CloudFox’s capabilities that help locate latent #attackpaths. It is inspired by #CloudGoat, flaws.cloud, and #Metasploitable. https://bfx.social/43T4dtK
-
Have you added CloudFoxable to your playground #AWS account? This tool by @sethsec is built to help #pentesters with AWS #Cloud testing, while showcasing CloudFox’s capabilities that help locate latent #attackpaths. It is inspired by #CloudGoat, flaws.cloud, and #Metasploitable. https://bfx.social/43T4dtK
-
Looking for Cybersecurity experts, Pen Testers or Compliance Specialists? Try https://infosec-jobs.com/talent/search/ #CyberTalent #Cybersecurity #InfoSec #InfoSecJobs #cyberjobs #workincyber #engineering #compliancejobs #freelance #pentesters #talentpool #talentsearch
-
Looking for Cybersecurity experts, Pen Testers or Compliance Specialists? Try https://infosec-jobs.com/talent/search/ #CyberTalent #Cybersecurity #InfoSec #InfoSecJobs #cyberjobs #workincyber #engineering #compliancejobs #freelance #pentesters #talentpool #talentsearch
-
Looking for Cybersecurity experts, Pen Testers or Compliance Specialists? Try https://infosec-jobs.com/talent/search/ #CyberTalent #Cybersecurity #InfoSec #InfoSecJobs #cyberjobs #workincyber #engineering #compliancejobs #freelance #pentesters #talentpool #talentsearch
-
Looking for Cybersecurity experts, Pen Testers or Compliance Specialists? Try https://infosec-jobs.com/talent/search/ #CyberTalent #Cybersecurity #InfoSec #InfoSecJobs #cyberjobs #workincyber #engineering #compliancejobs #freelance #pentesters #talentpool #talentsearch
-
What the Vuln is a new technical #livestream series where in each episode our #offensivesecurity experts and #hackers deep dive and zero-in on one specific vulnerability that plagues organizations – from origins and technical components to how #pentesters can find and exploit the #vulnerability.
The first episode of our series explored Zimbra, and you can read the technical walkthrough of that #exploit here 👇
-
El lado del mal - "iBombShell: Revolution". Sólo para Pentesters! https://www.elladodelmal.com/2023/03/ibombshell-revolution-solo-para.html #pentest #pentesting #pentesters #hacking #metasploit #kali #powershell
-
Brazil seizing Flipper Zero shipments to prevent use in crime
#Flipper #Zero is a portable multi-function cybersecurity tool that allows #pentesters and #hacking enthusiasts to tinker with a wide range of hardware by supporting #RFID emulation, digital access #key #cloning, #radio communications, #NFC, #infrared, #Bluetooth, and more.
Flipper Zero has gained a reputation from users who showcased its hacking capabilities on social media to perform illegal activities such as unlocking cars, changing gas pump prices, intercepting and storing remote control signals, opening garage doors, and more.
Although the device does not use hardware that is illegal or impossible to find elsewhere, its market success fueled a wave of negative media attention that portrayed it as a risk to society.
-
Hey #pentesters and #redteamers
Is there any cyber conference worth attending in Europe?
-
Hey #pentesters and #redteamers
Is there any cyber conference worth attending in Europe?
-
Hey #pentesters and #redteamers
Is there any cyber conference worth attending in Europe?
-
Hey #pentesters and #redteamers
Is there any cyber conference worth attending in Europe?
-
We have open mid-level and senior pentest roles for the SensePost team in the UK, NL and ZA. You can apply here https://jobs.za.orangecyberdefense.com/jobs/2081206-security-analyst-pentester or just DM me.
We think it’s a nice place to work. A hacker culture. Research time for all analysts. Tons of internal learning. Deep care for everyone backed up by a low single digit hacker/manager ratio. Unheard of NPS scored from our customers (84 for 2022). Lots of training and conference opportunities.
-
✨ Cheatsheets for Pentesting
👉 A collection of snippets of codes and commands to make your life easier!
https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets
#infosec #pentesters #redteaming #redteamtips #networksecurity
-
🪲 Bypassing OGNL sandboxes for fun and charities
👉 OGNL injections led to some serious remote code execution (RCE) vulnerabilities
https://github.blog/2023-01-27-bypassing-ognl-sandboxes-for-fun-and-charities/