Session hijacking is an attack that consists of exploiting the web applications users' session control in order to impersonate other...

What types of penetration testing do retail stores need? The types of penetration testing that retail stores need will directly be linked...

What is malicious code and what can it do? Malicious code usually performs actions against the user’s interest. This might be for example...

What are the prerequisites for doing CEH certification CEH or Certified Ethical Hacker (EC-Council) has a recommended requirement of two...

Session Fixation is an attack that allows a malicious actor to hijack a valid user session by forcing that user to use a fixed session ID.

Penetration testing software is the toolset of penetration testers. Learn more.

Network penetration tests are used to identify security weaknesses within the networks (both internal networks and external networks)....

A computer worm is a type of malware that propagates itself across a network by replication itself from host to host independently. They...

Cyber security enumeration is a process used by both security professionals and attackers alike to establish a collective knowledge of...

‘Vishing’ is a social engineering attack vector that uses the telephone (phone) network as a method to target potential victims. Learn more.

Red Teaming and Penetration Testing are useful practices for organizations looking to improve their security. Learn more.

Unless you are working directly with AWS then you will not be able to run a pentest against the AWS cloud environment directly. You are...

SQL (Structured Query Language) injection is an attack that exploits an insecure coding weakness within an application that interacts...

Broken authentication refers to a weakness in the design or implementation of access controls inherent in an online platform or application.

Linux is commonly the preferred operating system used by Ethical Hackers and 'Infosec' professionals due to the following factors...

Open-source software projects are, in theory, more secure than closed-source/proprietary software due to the clear disclosure of security...

The CIA triad is a security model of three core principles used within IT security and Information Security policies within an organisation.

Unlike the red team engagements, the purple-team testing is a collaborative exercise between both the red team and the blue team. Learn more

A red-team assessment is a simulated attack against an organisation using real-world information and threat intelligence analysis...

A physical penetration test is where an ethical hacker or social engineer will try to gain entry to one of your locations. Learn more.