@pentest-tools.com
From vulnerability scans to proof, Pentest-Tools.com gives 2,000+ security teams in 119 countries the speed, accuracy, and coverage to confidently validate and mitigate risks across their infrastructure (network, cloud, web apps, APIs).
π Cleaner reporting - less tab-switching, more time for actual testing
Thousands of vulnerabilities, built for practitioners who need answers fast.
Access the full library here: pentest-tools.com/vulnerabilit...
#infosec #vulnerabilitymanagement #ethicalhacking #cybersecurity
Thatβs why we built the Pentest-Tools.com "Vulnerabilities & exploits database".
It gives you:
π Context - what the flaw does and how it behaves
π οΈ Practical remediation - not just generic patch advice
π Validation paths - direct links to the tools that help confirm exposure
You found the CVE.
Now comes the annoying part: figuring out what it actually means.
Not the score.
Not the headline.
The real part - how it behaves, how to validate it, and how to explain it without opening 12 tabs.
CVSS: 7.7 High. No fix is coming, the FuelCMS master branch hasn't seen a commit in ~4 years. We emailed the vendor. They're as quiet as an unmonitored server at 3am.
See the full technical breakdown here: pentest-tools.com/research
The parameters meant to verify your reset token and email? Both injectable.
So a valid reset token becomes a master key to:
ποΈ Dump the entire database
π Reset any account's password, not just yours
βοΈ Modify or delete content across the site as the admin
PTT-2025-030 - FuelCMS
Forgot your password? No worries, we attackers can reset even the admin's. π
PTT-2025-030: Matei "Mal" BΔdΔnoiu and Raul Bledea from our team found SQL injection hiding inside the password reset flow of FuelCMS v1.5.2.
Cybercrime looks less like solo chaos and more like organized operations.
Thatβs the perspective Andra-Larisa Zaharia from Pentest-Tools.com shared with CSO Online: specialized roles, repeatable processes, and trust networks that take years to build.
It also explains how Pentest-Tools.com validates findings across web, network, API, and cloud so teams spend less time re-checking and more time fixing.
Because more is NOT better. Get more arguments for internal debates from here: pentest-tools.com/usage/accuracy
#infosec #offensivesecurity
π Proof - move from βpotentialβ to βprovenβ
π§ͺ Reproducibility - steps your team can actually follow
𧩠Context - why this finding matters in your environment
π§Ό Clarity - no more decoding cryptic outputs
Accuracy is the new product white paper - Pentest-Tools.com
Does your team spend more time debating findings rather than remediating them?
Thatβs the bottleneck and this is the corkscrew. Here's why.
Our free (and ungated) white paper shows what makes scan results worth acting on:
The new Offensive Security Research Hub on Pentest-Tools.com (led by Matei Badanoiu) shares the full discovery path: from anomalous behavior to validated vulnerability.
Original research for the hacker community: pentest-tools.com/research
#vulnerabilityresearch #infosec
Offensive Security Research Hub - Pentest-Tools.com
Most research write-ups tell you what the bug is. Very few show you how someone actually got there.
That gap matters.
Many thanks to Matei Badanoiu, Raul Bledea and Eusebiu Boghici for their contributions.
#offensivesecurity #vulnerabilityresearch #pentesting #infosec
Out of curiosity: how often do you still run into 10+ year-old libraries during engagements?
Result: full web app compromise.
We published the full exploit chain on our blogpost so practitioners can reproduce and validate the findings. Read the detailed research here: pentest-tools.com/blog/throwin...
π SQL injection (PTT-2025-030): usernames extracted during password reset (optional step)
β‘ PHP code execution (PTT-2025-026): unsanitized backslashes in the Dwoo parser resulting in RAW PHP CODE EXECUTION
The root causes? A *12-year-old Dwoo templating engine* and *outdated CodeIgniter3 code* still lurking in production systems.
The exploit chain combines:
π Account takeover (PTT-2025-025): reset password tokens leaked by sending them to the attacker's inbox
Seven bugs. One unauthenticated RCE chain. Zero clicks.
This original research by our offensive security team into FuelCMS (v1.5.2) uncovered seven new vulnerabilities. By chaining some of them, we achieved Remote Code Execution (RCE).
Because real #pentesting workflows arenβt perfect - and good demos shouldnβt pretend they are.
What should we try (or possibly break) in the next demo? π
Sacha is also one of our most precious collaborators, check out his articles on our blog: pentest-tools.com/blog/authors...
π How he organizes targets with workspaces
π How he spots critical vulnerabilities from the dashboard
π How he chains tools to validate findings faster
No polished slides. No βeverything works on the first try.β
Just real demos - where things might break, scans might fail, and you see how practitioners adapt.
In the first session, Sacha Iakovenko walks through his process:
Demo time! The place where tools behave perfectlyβ¦ until you hit βStart.β π
Weβve launched a bi-weekly demo series where #offensivesecurity practitioners show how they *actually* use Pentest-Tools.com in real workflows.
youtu.be/TXoFOyOlyec?...
Catch the full breakdown in this link: pentest-tools.com/change-log
Until next time: Stay sharp. Stay human.
π‘οΈ New detection: Redis RCE - identify exploitable Redis instances (CVE-2025-62507) across internet-facing and internal segments.
π§ Granular scan logs - Website and API Scanners now display discoveries in the console output in real-time.
π― One-click RCE validation - Sniper: Auto-Exploiter now supports controlled exploitation for Telnet (CVE-2026-24061) and Ivanti EPMM (CVE-2026-1281) for confirmed proof-of-impact.
π ISO 27001 certified - we are officially ISO/IEC 27001:2022 certified, providing verified assurance for your sensitive findings.
February was about moving from detection to proof.
Here are the top updates in Pentest-Tools.com:
π§ͺ New research hub - we launched the Offensive Security Research Hub to share original 0-day research, working PoCs, and technical exploit chains built by our own team.
Bookmark this link, we're going to update it frequently with new learnings: pentest-tools.com/research
#vulnerabilityresearch #ethicalhacking #infosec
No summaries. No recycled advisories.
This is practitioner-grade research from people who _actively_ hunt and validate vulnerabilities.
If you want to understand how experienced attackers approach complex targets, start here.
Youβll see:
π οΈ Working PoCs and reproducible exploit paths
π§ The exact reasoning that turned strange behavior into confirmed impact
βοΈ Field-tested analysis of edge cases, constraints, and trade-offs
Our #offensivesecurity team - led by Matei Badanoiu (CVE Jesus) - publishes original research: newly discovered vulnerabilities, deep technical write-ups, and full exploit chains built from real-world investigation.