Today we look at the three most common security-critical vulnerabilities that our analysts have identified in Active Directory Pentests (AD Pentests) in recent years.
Pentests & Security Analyses
Coffee Break with Pentesters: 5 Questions about Black Hat & DEF CON 2024
“Have you heard? We can present the CSTC at Black Hat again.” - This or something similar is how a chat at the coffee machine between Matthias...
Anatomy Lesson from the Perspective of a Pentester - Guest Lecture at Johannes Gutenberg University Mainz
On July 15, 2024, Matthias Goehring, Head of usd HeroLab, was invited once again to give a guest lecture for the “IT Security” class by Prof. Dr....
Top 3 Vulnerabilities in Web Applications
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant...
Top 3 Vulnerabilities in SAP Pentests
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to...
Security Advisory on WeKan
The pentest professionals at usd HeroLab examined the open source application WeKan during their pentests. This application offers users a solution...
Top 3 Vulnerabilities in Fat Client Pentests
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to...
DORA Deep Dive: Threat-Led Penetration Testing (TLPT)
The Digital Operational Resilience Act (DORA) will apply as of January 17, 2025. In addition to routine operational resilience testing, DORA will...
Security Advisory on Gambio
The pentest professionals at usd HeroLab examined the online shop software Gambio during their pentests. The software offers merchants various...
Hacker Contest Winter Semester 2023/2024: 29 Students. 14 Vulnerabilities. 1 CVE. Countless Practical Insights.
Practical knowledge is often neglected during studies - but not for students at TU Darmstadt. In the winter semester, Matthias Göhring, Tobias...
Connect and Go: The usd OrangeBox Makes Preparing for Remote Pentests Easy
A penetration test or pentest provides answers to the question of whether attackers can penetrate your IT infrastructure. There are two ways in...
Top 3 Vulnerabilities in Mobile App Pentests
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to...