Introduction Thousands of articles have been written about port scanning, discussing techniques, methodologies, tools... Yet, even in such a seemingly straightforward topic, there are several less-covered nuances. If you regularly scan subnets, participate in bug bounties, perform penetration testing, or automate this process, then this article might be useful to
Intro Our team has the challenge of finding bugs in popular Cloud-Native projects on GitHub. It's a fun activity that is a good alternative to platforms like HTB and benefits the project we're researching. However, unlike HTB, finding a bug is not guaranteed. We wanted to
We would like to describe how we discovered three RCE vulnerabilities, managed to escape the sandbox, and gained access to all of the company's servers. As part of the pentest, we identified a service for managing virtual and physical servers called Foreman. It appeared to be interesting to
In the world of application security, choosing the right Static Application Security Testing (SAST) tool can feel like a never-ending game of "Eeny, meeny, miny, moe." 🤔 But fear not, dear reader, for today we'll dive deep into the showdown of two popular SAST contenders: CodeQL and
Penetration testing (pentesting) is a crucial component of an effective security program. It involves simulating an attack on an organization's network or systems to identify vulnerabilities that could be exploited by malicious actors. A pentest can help identify security weaknesses that may have been overlooked or not yet
Congratulations on taking the next step toward ensuring the security of your startup! If you're reading this guide, chances are that you have received requests from your B2B sales partners or customers for SOC2 compliance, and you're now exploring your options to meet these requirements. As
The multitude of guidelines and regulations can be overwhelming, especially when it comes to understanding the penetration testing requirements for each. Determining what each compliance standard requires from a penetration test can be a headache, but it's crucial to get it right. To simplify the process, we'