Our Blog
Resources and insights
The latest industry news, interviews, technologies, and resources.
OWASP Top 10 2025 Explained: Insights from a Web Application Pentester
Earlier this year I published an OWASP Top 10 2025 prediction blog where I pulled CVE data from 2021 and made data-driven predictions on where the new top 10 list will land. Now that the official list has been released, it’s time to reflect on the results...
Vulnerability Scanning VS Pentesting
Understanding the difference between vulnerability scanning and penetration testing is important for moving past automated testing and into manual testing.
AI Assisted Pentest Reporting
In this blog, we’ll show how to generate pentest finding templates with DeepSeek AI using MITRE’s Common Weakness Enumeration (CWE) categories.
How I Almost Got Phished: Advanced Phishing Example
Investigation of a real phishing email that used background and interest targeting and an advanced tactic for bypassing spam filters and appearing legitimate.
Password Cracking For Pentesters: A 5-Step Guide
A look at Heath Adams’ five-step methodology for cracking password hashes to quickly establish credentialed access during a penetration test.
Defend Against DoS with Rate Limiting
There are many methods for effectively handling DoS attacks, but as a first step, all web apps should implement rate limiting.
Guide to Modern Penetration Testing Infrastructure
TCM’s pentest lead Aaron Wilson covers hardware, software, report templates, and other infrastructure considerations that make a pentest firm run smoothly.
How AI Threatens Security Operations
The development of AI has produced benefits for security operations, but also accelerated the capabilities and scale of threat actors.
Top 5 Tools for Active Directory Penetration Testing
Are you on the road to becoming a penetration tester? Understanding Active Directory and how it is vulnerable to attackers is a crucial skill when it comes to infiltrating corporate networks. In this article, we look at some of our favorite tools for Active Directory...








