Resources
Follow & Subscribe
Browse Classifications
- All Resources
- Strategic Content
- Technical Content
- Ahead of the Breach Podcast Content
- Partner Program Content
Browse Categories
- External Testing
- Internal Testing
- Social Engineering
- Web App Assessments
- Penetration Testing
- Cybersecurity
- Vulnerability Management
Browse Topics
- Continuous Penetration Testing
- Infrastructure
- Reconnaissance
- Credential Abuse
- Vulnerability Analysis
- Exploitation
- Defense Evasion
- Remediation and Defense
- Policy and Best Practices
- Research
- Offensive Security
- Adversary Simulation
- Channel
- Announcements
- Artificial Intelligence
- Application Security
Browse Tags
Latest External Testing Resources
Vulnerability Assessment Process and 5 Critical Best Practices
A vulnerability assessment identifies and evaluates potential security weaknesses in an organization's systems.
Read more
Understanding Pretexting: Techniques, Examples, and Prevention
Pretexting is a social engineering attack where the attacker fabricates a scenario (or pretext) to manipulate the target into divulging personal information. read more →
13 Common Attack Vectors and How to Defend Your Organization
An attack vector is the route or method employed by cybercriminals to gain unauthorized access to a computer, network, or system read more →
Quick Guide to Ethical Hacking: Methods, Tools & Best Practices
Ethical hacking involves testing computer systems or networks to identify and fix security vulnerabilities. read more →
How External Pentesting Works and Critical Best Practices
External penetration testing simulates cyber-attacks from outside an organization's network perimeter. read more →
Continuous Penetration Testing: Key Benefits and How It Differs from Traditional Methods
You need more value out of your pentests. The traditional point-in-time testing isn't cutting it. Continuous penetration testing brings an innovative methodology that better protects you and your business. This post… read more →
External Attack Surface Management: 5 Key Capabilities
External attack surface management (EASM) focuses on managing and securing an organization's digital assets exposed to external threats. read more →
Large Language Model (LLM) Security Testing: Types, Techniques, and Methodology
Get ready to learn the importance of LLM (Large Language Model) security testing, a vital process for identifying vulnerabilities in AI models, especially those integrated into web applications. The need for early… read more →
One Proxy to Rule Them All
Bypass WAFs with gigaproxy: an HTTP proxy that rotates IPs using mitmproxy, AWS API Gateway, and Lambda. Read the blog to learn more. read more →
From Twitter to Exploit: The Sprocket Security Lifecycle of Exploitation
Our approach to mass exploitation of the latest and greatest vulnerability. On the chopping block, this time around: CVE-2024-3400. read more →
Patch Diffing CVE-2024-3400 from a Palo Alto NGFW Marketplace AMI
One of the needs during CVE-2024-3400 testing was the ability to test against a live non-production vulnerable instance. We opted for the Palo Alto NGFW AWS Marketplace AMI. read more →
Introduction to the Ticketing SaaS Landscape
The shift to remote work has led to significant changes in organizational dynamics and technology infrastructure, particularly in ticketing, help desk, and management platforms. Sprocket pentesters focus on evaluating… read more →
Continuous Human & Automated Security
The Expert-Driven Offensive
Security Platform
Continuously monitor your attack surface with advanced change detection. Upon change, testers and systems perform security testing. You are alerted and assisted in remediation efforts all contained in a single security application, the Sprocket Platform.
Expert-Driven Offensive Security Platform
- Attack Surface Management
- Continuous Penetration Testing
- Adversary Simulations