Many times I have encountered a problem with projects where large scanning of network host is required. In that case, you simply cannot expect your consultant to scan each host individually, analyze output and list down all vulnerable ports/services. Yes..we can even detect open ports with Nessus but still it has a host limitation per scan.

Off late, code reviews have been gaining a lot of popularity. Organizations which till recently were content with a secure network and an occasional Penetration Test are now getting their application’s code reviewed before going live.

There have been times when a penetration tester is not able to install iOS application on a physical device while performing iOS application security assessment. This can happen due to various reasons

One word answer “NO”. This is based on my experience w.r.t cleaning Wordpress (WP) sites against malware attack. Hackers mostly attack CMS based websites i.e.

This is rather be a quick post and intended to be a reference note for me (and you all).

It is always been a pain to run Nessus when you have long list of IPs to be scanned within a short period of time. This typically happens when you are engaged in an internal pentest and you have multiple IPs to scan.