Scanning SSL/TLS configurations is part of every pentesters skillset and an often occurring task. In order to detect some of the issues, for example the use of SSLv2, certain requirements have to be met by the scanning tool. In the mentioned example, it’s that the scanner must have been build with s...
Since a lot of people are apparently unfamiliar with the concept of penetration tests, or pentests for short, I want to give a short introduction to what we feel defines a good pentest. In order to give you a good overview, I will go through the following questions. What exactly is a penetration...