where-is-the-risk Vulnerability, Control, and Risk are not same As Pentester, auditor, or risk assessor, it is important to understand difference
where-is-the-risk 'Lack of CAPTCHA' is not always a valid vulnerability or risk CAPTCHA is a valid security control. However, lack of it may not be a valid vulnerability in all cases and 'lack of CAPTCHA' is definitely not a risk. May be part of risk.
career-advice Risks of a cybersecurity career Cybersecurity is one of buzz-words promising the la-la land these days. Everyone is running towards it. However, it will help if one is aware of the 2 big risks.
career-advice A Day in a Pen-tester’s life My 2 cents on a day in a pentester's life, from the vantage point of someone who does it (sometimes) but observes it (a lot). TLDR - it is not all pentesting!
pentest Do not kill your pentester for little or no value-add How to get more value out of a pentest.
pentester External Network VAPT: tools, information sources This is a live post; it will undergo changes, which are captured in change log, provided at the end of this post.
pentester How to download Nessus Pro using cURL… assuming you have a valid account with tenable and have paid for your license.