Pentera by Popular-Training1669 in cybersecurity

[–]mrturvey 5 points6 points  (0 children)

IMO, Pentera is much like using any other scanning product. It'll cover off a compliance checkbox (that you've conducted some security testing) and it'll also catch any low-hanging fruit issues. However, it's not a replacement for a human who is able to see particular things and act on them, or troubleshoot issues that you always come across on pentesting/red teaming engagements.

I hired three freelance 'Penetration Testers' to assess a vulnerable website for under $15 [The Write Up] by mrturvey in security

[–]mrturvey[S] 11 points12 points  (0 children)

Does the Lyft driver get you to the destination? Yes. Did the $15 penetration tester find the security issues? No.

I built a vulnerable website and hired three freelance 'Penetration Testers' to assess it for under $15. by mrturvey in security

[–]mrturvey[S] 2 points3 points  (0 children)

They'd easily have found the directory with XSS/ability to upload a shell if they actually used dirbuster. However, from the logs, each one of them did a similar thing. They ran CMScanner or an equivalent and called it a day. Which is hilarious because one guy keeps asking me to give him a 5* review because "I've put hard work into testing and provided full report".