Laurent Vetter

At a time when cyber attacks are becoming more sophisticated and targeted every day, a holistic view of your own IT attack surface is essential. Many companies already invest in regular penetration tests to check their systems and applications for vulnerabilities. However, what is often overlooked: The first step of a real attacker is usually not active scanning, but passive information gathering. Also known as Open Source Intelligence (OSINT) or Passive Reconnaissance.

Penetration testing is a useful tool to improve the security of IT infrastructures as well as applications. They

Summary During our technical password audits, we were able to analyse more than 40.000 password hashes and crack

Since the certification authority Let’s Encrypt was founded in 2014 and went live at the end of 2015,