The Importance of Comprehensive IoT Penetration Testing in Modern Cybersecurity
IoT Penetration Testing is needed in today’s dynamic landscape of the Internet of Things (IoT), where everyday devices are interconnected and smarter than ever. Comprehensive IoT Penetration Testing emerges as a crucial strategy for businesses and individuals alike to fortify...
Shodan Series Part 2: The Untraditional Web Ports
Our goal of this series is to revisit Shodan and demonstrate to IT admins and business owners, how much an attacker can glean of a network without sending any packets to the actual to an organization. Our last post focused...
The Power of Password Complexity
In the constantly evolving landscape of cybersecurity, two factors consistently play pivotal roles in safeguarding digital assets: password complexity and regular penetration testing. At Brackish Security, we’ve seen firsthand how these elements work in tandem to fortify defenses against cyber...
Not All Penetration Tests Are Created Equally
In the dynamic world of cybersecurity, penetration testing (pen testing) has become a cornerstone for businesses seeking to fortify their defenses against cyber threats. However, it’s crucial to understand that not all Penetration Tests are created equally. At Brackish Security,...
IIS Short File Name Enumeration
Microsoft IIS short file name enumeration is a technique used to discover the filenames and directories on a web server running IIS. This method exploits a feature in IIS related to how it handles file and directory names. This vulnerability...
Shodan Series Part 1: The Accidental Open Door
We wanted to create this blog series to highlight how important regular penetration testing is and how it effectively reduces risk. This week we will focus on port 3389, traditionally used for Windows Remote Desktop Protocol (RDP), which allows users...
Even More MobSF – Mobile Application Penetration Testing #4
Welcome to part four of our long-running series on mobile application penetration testing. If you haven’t read our previous post, go take a look. Today’s post will finish up our coverage of MobSF report output from an Android APK file....
Penetration Testing for Small Businesses: Why It’s Crucial and How to Get Started
In today’s digital age, where online transactions and interactions form the backbone of most businesses, cybersecurity has emerged as a paramount concern. For small businesses, especially, navigating the vast and often murky waters of cybersecurity can seem daunting. Yet, the...
Software and Data Integrity Failures – OWASP Top Ten
Welcome to the final entry in our OWASP Top Ten Series – Software and Data Integrity Failures. If you haven’t read any of the previous ones, check them out. Among the OWASP Top Ten entries, Software and Data Integrity Failures...
More MobSF – Mobile Application Penetration Testing #3
Welcome back for Part 3 of our series on Mobile Application Penetration Testing. If you haven’t read Part 1 or Part 2, go ahead and take a look. In this post we will go over some more of the MobSF...