Pen Test

What’s the difference between Pen Testing, Red Teaming, and Threat Hunting?

At first glance, it seems like pen testing, red teaming, and threat hunting all seem like a fancy way of saying the...

How to Hack Through a Pass-Back Attack

A Pen Tester’s Guide to Printer Hacking What is an MFP anyway? Multi-Function Peripherals (MFPs) are an underutilized target in...

3 Vulnerabilities to be on the Lookout for in 2020

3 Vulnerabilities to be on the Lookout for in 2020 1.Security Misconfigurations What is a security misconfiguration? A security misconfiguration...

2018 YEAR IN REVIEW: Open Source Collaboration

Supporting Open Source At MindPoint Group we recognize the value that open source software provides and we work to support...

REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 3 – Reporting

Welcome back to the REST Assured blog series for Part 3: Reporting. While often overlooked by security professionals, compiling reports...

REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 2 – Testing

Welcome back! In part 1 of REST Assured blog series, we discussed the definitions and history behind APIs, and we...

Conducting and Detecting Data Exfiltration

How to Conduct and Detect Data Exfiltration Is your organization taking proactive measures to prevent a data breach?  From 2016...

CloudFront Hijacking

I recently spent some time exploring the issue of CloudFront domain hijacking. This is not a new issue but I...

Lateral Movement with PSExec

Lateral Movement: An Overview During the early stages of an engagement, penetration testers look to gain a foothold into the...

Stop by Booth 118 @ AWS re:Invent to Learn How We Can Secure Your Cloud

Electronic Voting for the 21st Century

With the election year ahead it behooves us to take a look at the security of our voting systems and...

Privilege Escalation via Group Policy Preferences (GPP)

While this is not a new topic in the penetration testing world by any means [Chris Gates (@carnal0wnage) and others...