Pentesting ELBs – Where Vulnerabilities Hide in Plain Sight
Vulnerabilities affecting ELBs can be easily overlooked. It's critical for pentesters to look out for these AWS features when analyzing an attack surface. The post Pentesting ELBs – Where Vulnerabilities Hide in Plain Sight appeared first on Virtue Security ... Read More
A Pentester’s Guide to Input Validation
Input Validation is a fundamental concept of penetration testing. This guide is written for new pentesters and developers looking to bolster these core skills. The post A Pentester’s Guide to Input Validation appeared first on Virtue Security ... Read More
API Penetration Testing Explained
API pentesting is a frequently misunderstood area of application security. Let's review core concepts of API pentesting and look at how these assessments are performed. The post API Penetration Testing Explained appeared first on Virtue Security ... Read More
HIPAA Penetration Testing – A Primer for Healthcare Security
Curious about what HIPAA requirements mean for your pentest? Let's review some technical examples of why pentesting in healthcare is so unique. The post HIPAA Penetration Testing – A Primer for Healthcare Security appeared first on Virtue Security ... Read More
Black Box vs. Gray Box vs. White Box Pentesting Explained
Black Box, Gray Box, and White Box pentests have pros and cons. Here we lay out all the differences to help you decide which one fits best. The post Black Box vs. Gray Box vs. White Box Pentesting Explained appeared first on Virtue Security ... Read More
AWS Penetration Testing: Essential Guidance for 2021
Pentesting on AWS can be difficult. With this guide you can ensure your pentest gets off to a successful start. The post AWS Penetration Testing: Essential Guidance for 2021 appeared first on Virtue Security ... Read More
Developing Like A Pentester – (And How To Reproduce Any Vulnerability)
Reproducing the vulnerabilities documented in a pentest report is a common engineering pain point. But aligning developer skills with the tooling used during the pentest can help confirm issues faster, and deploy fixes faster. The Tools Of The Trade BurpSuite (or “Burp”) is the industry standard framework for performing professional ... Read More
5 Tips for selecting a penetration testing company in 2020
Selecting a penetration testing company can be a pain. Here are five important tips to ensure you penetration testing vendor will set you up for success. The post 5 Tips for selecting a penetration testing company in 2020 appeared first on Virtue Security ... Read More
Evading Antivirus with Better Meterpreter Payloads
Evading antivirus is often an under appreciated art that can make or break a penetration test. Modern antivirus products can detect meterpreter payloads easily, and can leave a pentester falsely believing a system is not exploitable. To increase our overall success rate of exploitation we will create a custom meterpreter ... Read More