Tag: penetration-testing
-
Password Spraying Attacks Hit Entra ID Accounts
Hackers Use TeamFiltration Penetration Testing Tool. A threat actor is using the password spraying feature of the TeamFiltration pentesting tool to launch attacks against Microsoft Entra accounts – and finding success. The threat actor has targeted more than 80,000 user accounts across roughly 100 cloud tenants. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/password-spraying-attacks-hit-entra-id-accounts-a-28682
-
LinuxFest Northwest: LFNW 2025: In The Beginning…
Author/Presenter: Jon “maddog” Hall (Board Chair Emeritus: Linux Professional Institute, Founder: Project Cauã, Co-Founder: Caninos Loucos, Technical Advisor: QSentinel, Executive Director: Linux® International®) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events…
-
OffensiveCon25 Keynote: Automating Your Job? The Future Of AI and Exploit Development
Author/Presenter: Perri Adams Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Researchers warn of ongoing Entra ID account takeover campaign
Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/12/researchers-warn-of-ongoing-entra-id-account-takeover-campaign/
-
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/password-spraying-attacks-target-80-000-microsoft-entra-id-accounts/
-
OffensiveCon25 KernelGP: Racing Against The Android Kernel
Author/Presenter: Chariton Karamitas Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Windows Netzwerkschwachstelle CVE-2025-33073 (Reflective Kerberos Relay Attack)
Zum 10. Juni 2025 hat Microsoft mit den Sicherheits-Updates für Windows auch die Schwachstelle CVE-2025-33073 gepatcht. Es handelt sich um eine Schwachstelle im Kerberos-Netzwerkprotokoll, die im Januar 2025 von RedTeam Pentesting entdeckt wurde. Nachfolgende lege ich einige Informationen zur Schwachstelle … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/11/windows-netzwerkschwachstelle-cve-2025-33073-reflective-kerberos-relay-attack/
-
OffensiveCon25 Breaking The Sound Barrier: Exploiting CoreAudio Via Mach Message Fuzzing
Author/Presenter: Dillon Franke Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
OffensiveCon25 Android InWild: Unexpectedly Excavating A Kernel Exploit
Author/Presenter: Seth Jenkins Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Penetration Testing Phases: Steps, Tools Methodology
Penetration testing simulates cyberattacks to find risks. Explore the 7 key phases, tools, and methods to strengthen your security. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/networks/penetration-testing-phases/
-
OffensiveCon25 Parser Differentials: When Interpretation Becomes a Vulnerability
Author/Presenter: Joernchen Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI,…
-
OffensiveCon25 Entrysign: Create Your Own x86 Microcode for Fun and Profit
Authors/Presenters: Matteo Rizzo, Kristoffer `spq` Janke, Eduardo Vela Nava and Josh Eads Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to…
-
Kali GPT Revolutionizing Penetration Testing with AI on Kali Linux
In the rapidly evolving digital world, cybersecurity professionals are continually seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation capabilities. Enter Kali GPT, a groundbreaking AI assistant explicitly tailored for the Kali Linux ecosystem, engineered by XIS10CIAL. This article examines the origins, capabilities, and tangible benefits of…
-
Kali GPT-Revolutionizing Penetration Testing with AI on Kali Linux
In the rapidly shifting digital world, cybersecurity professionals are constantly seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation. Enter Kali GPT”, a groundbreaking AI assistant tailored specifically for the Kali Linux ecosystem, engineered by XIS10CIAL. This article explores the genesis, capabilities, and tangible advantages of Kali…
-
OffensiveCon25 Skin In The Game: Survival Of GPU IOMMU Irregular Damage
Authors/Presenters: Fish and Ling Hanqin Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists ::…
-
OffensiveCon25 No Signal, No Security: Dynamic Baseband Vulnerability Research
Authors/Presenters: Daniel Klischies and David Hirsch Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists…
-
Top AI-Driven Pentest Tools 2025
Artificial Intelligence, known to simplify complexities, is trending among organizations. Hence, AI being a buzzword is no more relevant in the context when looking at the near and far future of cybersecurity. The intricacy of cyber threats across industries increased the demand for AI-driven pentest tools in 2025. These smartest tools don’t just scan and……
-
OffensiveCon25 Attacking Browsers via WebGPU
Author/Presenter: Lukas Bernhard Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
OffensiveCon25 Keynote How Offensive Security Made Me Better at Defense
Author/Presenter: Dino Dai Zovi Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey…
-
OffensiveCon25 Garbage Collection In V8
Authors/Presenters: Richard Abou Chaaya and John Stephenson Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing…
-
OffensiveCon25 Finding and Exploiting 20-Year-Old Bugs in Web Browsers
Authors/Presenters: Ivan Fratric Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
OffensiveCon25 Frame By Frame, Kernel Streaming Keeps Giving Vulnerabilities
Authors/Presenters: Angelboy Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI,…
-
OffensiveCon25 Chainspotting 2: The Unofficial Sequel to the 2018 Talk >>Chainspotting<<
Author/Presenter: Ken Gannon Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
OffensiveCon25 Fighting Cavities: Securing Android Bluetooth By Red Teaming
Author/Presenter: Jeong Wook Oh, Rishika Hooda and Xuan Xing Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs ::…
-
API Security: The Importance of Vulnerability Assessment and Penetration Testing (VAPT)
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/api-security-the-importance-of-vulnerability-assessment-and-penetration-testing-vapt
-
OffensiveCon25 Hunting For Overlooked Cookies In Windows 11 KTM And Baking Exploits For Them
Authors/Presenters: Cedric Halbronn and Jael Koh Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists…
-
Product showcase: Smarter pentest reporting and exposure management with PlexTrac
The threat landscape is evolving faster than ever. Staying ahead means going beyond automated scans and check-the-box assessments. It demands continuous, hands-on testing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/02/product-showcase-plextrac-pentest-reporting/
-
Review: Metasploit, 2nd Edition
Tags: penetration-testingIf you’ve spent any time in penetration testing, chances are you’ve crossed paths with Metasploit. The second edition of Metasploit tries to bring the book in line with how … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/02/review-metasploit-2nd-edition/
-
OffensiveCon25 Pwn20wn Winners Announcement
Author/Presenter: Brian Gore and Dustin Childs Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists…