March 17, 2020
Coronavirus Update and Remote Internal Penetration Testing
With the COVID-19 pandemic Pentest People have followed Government advise and allowing all members to work remotely. During this period we will...
Find Out MoreSecurity Blog
Feature development & monitoring tips
Latest news
February 19, 2020
Pentest People on Crown Commercial Services Framework
Pentest People named as Supplier on Crown Commercial Services Framework This week saw Pentest People named as a supplier on the Crown...
Find Out More
February 17, 2020
PHP Deserialisation/Object Injection
PHP Deserialization vulnerabilities are rarely seen on Greybox application assessments, however these should not be overlooked. This blog will look at PHP...
Find Out More
February 10, 2020
What is Penetration Testing?
Penetration Testing can cover a multitude of platforms, but what is it? And why should most businesses in this day and age...
Find Out More
January 27, 2020
Injection Attacks
Injection Attacks are 1st in the OWASP TOP 10 list of vulnerabilities, they are not limited to SQL Injections. Here we talk...
Find Out More
January 21, 2020
Second Order SQL Injection (Part 3 of the SQL Series)
In our third part of our SQL Series we look at how to guard against a lesser known but just as serious...
Find Out More
January 10, 2020
Masquerade, cracking hashes with known formats
As a penetration tester, cracking hashes can be a great post exploitation activity for both the fun and value to a client,...
Find Out More
December 6, 2019
Email Address Validation
There are many ways to validates an email address, so let's have a look and talk about which method is best.
Find Out More
September 3, 2019
SQL Injection Is Still An Issue (Part 2 of the SQL Series)
As SQL is still the most common vulnerability in the OWASP Top 10, let's take a quick look at how this vulnerability...
Find Out More