Affordable Penetration Testing: A Necessity, Not A Luxury In today’s interconnected world, it’s not a question of if your business will face a cyber threat, but when. As cyber threats continue to evolve, businesses of all sizes find themselves in the crosshairs of potential attacks. But for small and medium-sized enterprises (SMEs), the idea of
In today’s interconnected world, cyber resilience is not just about protecting data but is closely tied to an organization’s reputation and trustworthiness. A cyberattack doesn’t only translate to financial losses but can significantly tarnish a company’s image. A case in point is the recent cyberattack on Clorox, emphasizing the imperative of preemptive measures, particularly regular
There has been some buzz around Caido recently – a contender to the Burp crown. Brackish Security testers recently sat down and tried Caido out on some real pentests. Our findings follow. Keep in mind that Caido is still fairly new, while Burp has been in development and use for a very long time. Additionally,
Local administrator accounts are commonly used in Active Directory/internal networks to manage individual computers. These accounts have full control over the local computer, which can be a security risk if used carelessly. The use of local administrator accounts should be minimized to reduce the potential security vulnerabilities they pose to the network. One of the
WordPress is one of the most popular content management systems (CMS) in the world, powering over 40% of all websites on the internet. However, with great popularity comes a great responsibility to keep the WordPress installation secure. In this blog post, we’ll discuss some of the best practices that users should follow to ensure the
How ChatGPT Helps Us Recently, Brackish was conducting a phishing engagement, and we had the idea to try out ChatGPT to help us build our phishing infrastructure. We’ve already built this stuff manually, so this experiment would give us an idea of exactly how helpful ChatGPT can be for us in “real” situations. The Engagement
Introduction External attack surface management (ASM) refers to the process of identifying, analyzing, and mitigating security risks and vulnerabilities that originate from outside an organization’s network. The focus of external ASM is to protect against threats such as hackers, cybercriminals, and malicious software that can target public-facing systems and applications. These threats can pose a
Today we have another rate-limiting issue. While this one is not as impactful as the previous one – it’s still fun. Organizr is a self-hosted application written in PHP that basically helps you self-host other services at your home. It’s nifty application with a surprisingly large amount of functionality. We were recently poking at it