Not All Penetration Tests Are Created Equally
In the dynamic world of cybersecurity, penetration testing (pen testing) has become a cornerstone for businesses seeking to fortify their defenses against cyber threats. However, it’s crucial to understand that not all Penetration Tests are created equally. At Brackish Security,...
IIS Short File Name Enumeration
Microsoft IIS short file name enumeration is a technique used to discover the filenames and directories on a web server running IIS. This method exploits a feature in IIS related to how it handles file and directory names. This vulnerability...
Shodan Series Part 1: The Accidental Open Door
We wanted to create this blog series to highlight how important regular penetration testing is and how it effectively reduces risk. This week we will focus on port 3389, traditionally used for Windows Remote Desktop Protocol (RDP), which allows users...
Even More MobSF – Mobile Application Penetration Testing #4
Welcome to part four of our long-running series on mobile application penetration testing. If you haven’t read our previous post, go take a look. Today’s post will finish up our coverage of MobSF report output from an Android APK file....
Penetration Testing for Small Businesses: Why It’s Crucial and How to Get Started
In today’s digital age, where online transactions and interactions form the backbone of most businesses, cybersecurity has emerged as a paramount concern. For small businesses, especially, navigating the vast and often murky waters of cybersecurity can seem daunting. Yet, the...
Software and Data Integrity Failures – OWASP Top Ten
Welcome to the final entry in our OWASP Top Ten Series – Software and Data Integrity Failures. If you haven’t read any of the previous ones, check them out. Among the OWASP Top Ten entries, Software and Data Integrity Failures...
More MobSF – Mobile Application Penetration Testing #3
Welcome back for Part 3 of our series on Mobile Application Penetration Testing. If you haven’t read Part 1 or Part 2, go ahead and take a look. In this post we will go over some more of the MobSF...
What is the Difference Between Vulnerability Assessments and Penetration Testing?
In the ever-evolving world of cybersecurity, businesses often come across terms like ‘vulnerability assessments‘ and ‘penetration testing‘. While they might seem interchangeable to the untrained eye, they serve distinct purposes. Both are critical components of a comprehensive security strategy, but...
AI-Enhanced Reconnaissance: Fueling Sophisticated Security Breaches
In today’s interconnected business ecosystem, maintaining a robust cybersecurity posture is not just about thwarting cyber threats—it’s about ensuring trust, reputation, and meeting the growing maze of regulatory standards. Brackish Security delves into how penetration testing can play an instrumental...
Does Affordable Penetration Testing Exist?
Affordable Penetration Testing: A Necessity, Not A Luxury In today’s interconnected world, it’s not a question of if your business will face a cyber threat, but when. As cyber threats continue to evolve, businesses of all sizes find themselves in...