Andra Zaharia
Pentest-Tools.com, Head of Content & Community
Cyber-realist crushing infosec clichés through clarity, focus, and a solid moral code. Promoting cybersecurity literacy so we can all make smart decisions about how we allow our information society to evolve.
Posts by this author
-
-
Events
Year in review: 2021 on Pentest-Tools.com
Security is the gift that keeps on giving and never have we felt it like we did this year.
-
-
Platform Updates
Detect ProxyShell (pre-auth Microsoft Exchange RCE) with Pentest-Tools.com
On-prem Microsoft Exchange servers have created a lot of work for IT and security specialists in the past months. In March, ProxyLogon left servers vulnerable to Server-Side Request Forgery through CVE-2021-26855, so we launched a dedicated scanner for it. In May, #proxynotfound popped up, so we integrated detection for it into our Network Vulnerability Scanner to make detection and reporting faster.
-
Platform Updates
Detect Microsoft Exchange RCE #proxynotfound with our Network Vulnerability Scanner
Running on-prem Microsoft Exchange servers? If you didn’t catch the NSA boilerplate announcement, there’s another batch of vulnerabilities to scan for – and we built what you need.
-
Events
Pentest Robots - rocket fuel for pentesters, not their replacement
Let me say this from the start: full automation is the wrong approach for scaling penetration testing. The whole “machines will replace humans” view doesn’t sit well with us. It’s too simplistic and it fails to capture the complexity and depth involved in security testing and the larger information security ecosystem. So how come we launched pentest robots - an automation feature - at Black Hat Europe 2020?