Penetration Testing Is Not Vulnerability Scanning
Penetration testing is not vulnerability scanning and should not be confused. Vulnerability scanning is one of the first parts of the penetration test process. I
At Dionach we are proud of our well-established research and development programme. Our team of consultants are focused on continually uncovering new technical vulnerabilities in software and hardware, raising the bar in security assessment services and sharing our knowledge through whitepapers and various industry channels.
Through the responsible disclosure process we have published numerous vulnerabilities in leading software applications that our team has identified.
As part of our commitment to remaining vendor independent and offering the best technical solution to each client engagement, we also develop proprietary security tools for testing methods including vulnerability scanning, spear phishing and security auditing. In practice, our consultants have a wide range of commercial, open-source and custom tools at their disposal to deliver industry-leading outcomes for our client base.
Some of our custom tools are published as open source on Dionach’s GitHub page: https://github.com/Dionach.
Penetration testing is not vulnerability scanning and should not be confused. Vulnerability scanning is one of the first parts of the penetration test process. I
There is a security value of the Robots.txt file but there are flaws such as ‘disallow’ entries revealing hidden folders, password lists and database backups.
There is an update to ISO 27001 planned for 2013 whereby the management system standards will be harmonised, the dropping of Plan Do Check Act
An informative guide for using blind SQL injection on web services during penetration tests, using Python. There is plenty of documentation for using blind SQL injection in
Based on a review of 20 gap audit reports for a variety of organizations, this article should help your organization if you are considering ISO
This article demonstrates real-world examples of the different types of flaws found only through manual testing. Application-Penetration-Testing-Versus-Vulnerability-Scanning.pdf (823 KB) Find out how we can help with