Tag Archives: pen-testing

ContraRisk Security Podcast 0019: The evolution of pen-testing

For some organisations, penetration testing is merely a compliance requirement that they hope will find the minimum of weaknesses. For others, it’s a key step in discovering where their weaknesses lie, so they can fix them. But is pen-testing too often an afterthought, taking place after systems have been developed and…

Review: Instant Penetration Testing

By Vyacheslav Fadyushin. Published by: Packt Publishing. ISBN: 1849694125. 88pgs. Print & e-book editions. Penetration testing is becoming an increasingly sought-after skill. Greater security awareness, high-profile hacks of major organisations and, above all, growing compliance requirements all mean that more firms than ever are performing security audits. So it’s a skill worth acquiring. And even if you have no ambition to become…

Pen-testing with small networked devices

Pen testing has always been viewed by IT security and data governance professionals as something of an audit exercise, with the pen tester undertaking a series of prescribed and planned tests, then reporting back to the IT security manager – or client management professional – in a report format, complete with recommendations. Dr. Philip A. Polstra, Sr, a Professor in…

ContraRisk Security Podcast 0007: #BlackHatEU – iOS pen-testing and attacking SSL

Vivek Ramachandran is perhaps best-known for his work on wifi security: he is, after all, the author of BackTrack 5 Wireless Penetration Testing. He’s also the founder and CEO of SecurityTube, which provides online security training. At Black Hat Europe 2013, however, his focus was elsewhere. Vivek presented a workshop on pen-testing…

ContraRisk Security Podcast 0006: #BlackHatEU – Kali Linux

Offensive Security used Black Hat Europe in Amsterdam to launch the next incarnation of its popular pen-testing Linux distribution. BackTrack has now become Kali – a name derived from a warlike god or an African word meaning ‘hot’ or ‘fierce’ – take your pick. It represents a somewhat surprising change in direction…

#BlackHatEU : When security appliances become your security problem

It’s a depressing fact that, sometimes, the very defences you put in place to protect your organisation can become the weakest point. In a presentation at Black Hat Europe, Ben Williams, a pen-tester with NCC Group, showed that many security products have flaws that can be exploited by attackers. It’s actually the second such presentation he’s given. The first was…

Review: BackTrack 5 Wireless Penetration Testing

Vivek Ramachandran. Published by Packt Publishing (ISBN: 978-1-849515-58-0). Price: $49.99, 208pgs, paperback. It says something for the ubiquitous nature of wifi that this subject warrants a book to itself. Wireless networks are everywhere – some would argue they’re in too many places. And as we discuss in the article on pg.14 of this issue, the technologies that are supposed to…