The PCI Security Standards Council released a Penetration Testing Guidance information supplement in March 2015. This document, while geared towards the Payment Card Industry, provides a lot of valuable advice to the providers of penetration tests and their clients, regardless of industry. At 40 pages in length the document might seem a bit heavy, so …
Secure Ideas is excited to announce the latest class in our Professionally Evil Course series: Ride Along Penetration Testing. This course will be held on October 9th at 2PM eastern. Unlike so many other courses, this is not a typical “here is a tool and how to use it” course. In this 2 hour course, James …
Professionally Evil Courses: Ride Along Penetration Testing Read More »
Secure Ideas is excited to announce the latest class in our Professionally Evil Course series: Ride Along Penetration Testing. This course will be held on March 11th at 2PM eastern. Unlike so many other courses, this is not a typical “here is a tool and how to use it” course. In this 2 hour course, …
Professionally Evil Courses: Ride Along Penetration Testing Read More »
The first stage of almost every successful penetration test is the reconnaissance phase. During this phase of an engagement we scour publicly accessible resources for information about the target that will provide insight and direction for later phases. We look for information that was made public intentionally, and sometimes unintentionally, that tells us more about …
James and I recorded the next episode of the Professionally Evil Perspective podcast this morning. In it we get back to walking through the methodology that we use during a web application penetration test. We had covered recon and mapping, so in this episode we go through the third step; discovery! James and I discuss …
Professionally Evil Perspective Podcast – Methodology Continues with Discovery Read More »