Penetration Testing for Small Businesses: Why It’s Crucial and How to Get Started
In today’s digital age, where online transactions and interactions form the backbone of most businesses, cybersecurity has emerged as a paramount concern. For small businesses, especially, navigating the vast and often murky waters of cybersecurity can seem daunting. Yet, the...
More MobSF – Mobile Application Penetration Testing #3
Welcome back for Part 3 of our series on Mobile Application Penetration Testing. If you haven’t read Part 1 or Part 2, go ahead and take a look. In this post we will go over some more of the MobSF...
AI-Enhanced Reconnaissance: Fueling Sophisticated Security Breaches
In today’s interconnected business ecosystem, maintaining a robust cybersecurity posture is not just about thwarting cyber threats—it’s about ensuring trust, reputation, and meeting the growing maze of regulatory standards. Brackish Security delves into how penetration testing can play an instrumental...
Turkeys Will Get Stuffed Soon. Credentials Will Get Stuffed Now.
Introduction Credential stuffing is a form of cyberattack where attackers use automated scripts to try a large number of username and password combinations (usually obtained from previous breaches) on multiple websites, hoping that individuals have reused their credentials. While this...
Unmasking the Shadows: The Unseen Vulnerabilities Within Your Walls
Prior to reading this, please check out a previous blog of ours on how important an external penetration test is. https://brackish.io/guarding-the-digital-front-door-the-external-penetration-test Hey there, security enthusiasts and curious minds alike! Today, we are taking a deep dive into a topic that’s...
Guarding the Digital Front Door: The External Penetration Test
The demand and pressure for penetration testing services are growing every day – ethical hackers are racing to find all the vulnerabilities before the not so ethical ones do. The subject of penetration testing has expanded and deepened, with each...
White Box Web Application Testing for Pentesters and Bug Bounty Hunters
White box web application penetration testing is one of my favorite things to do in the security world. If you’re new to this, “white box” means you have access to the source code of the application you’re testing. Keep in...
OWASP Top Ten – Insecure Design
Insecure Design was a new entry when the latest version of the OWASP Top Ten was released in 2021. An really, what it gets at is a good lesson – Designing an application with security in mind can go a...
OWASP Top Ten – Broken Access Control
First things first, did you know that the OWASP acronym has changed from Open Web Application Security Project to Open Worldwide Application Security Project? Neither did we! But onto the real stuff. Today we have another entry in the OWASP...
The Shield of Cyberspace: Understanding Web Application Firewalls
Introduction In our digital age, data security has grown into an essential necessity, not just a luxury. As companies depend heavily on web applications to offer their services, protecting these platforms against cyber threats becomes crucial. Here enters the Web...