Blog
Penetration testing: black box, white box and gray box
Penetration testing is an essential process for assessing the robustness of IT systems against cyberattacks. By simulating realistic scenarios, it allows vulnerabilities to be detected before they are exploited by malicious actors. Depending on the information...
How do you perform a penetration test for a web application?
Creating a penetration test for a web application is a complex process requiring technical skills, a rigorous methodology and in-depth knowledge of current IT threats. The process involves simulating real-life attacks on an online application to assess its resistance...
What is an external pentest?
External pentesting is a technical audit carried out by an offensive security professional, aimed at identifying vulnerabilities accessible from outside the company, i.e. from the Internet, without prior access to internal resources. External Pentest: simulating a...
Industrial Pentest: How can it help you identify and correct vulnerabilities?
In the complex world of industrial systems, security is a crucial priority. Have you ever considered the potential vulnerabilities that could compromise the robustness of your infrastructure? That's what we're going to look at in this blog post. But first, imagine:...
What are the differences between Red Team and Pentest?
Pentest, or penetration testing, and the more global and strategic Red Team exercise, are two methods that belong to the field of offensive cybersecurity. They differ profoundly in terms of their scope, objectives, duration, technical nature and the conditions under...
Bypassing Windows Defender antivirus in 2025: Evasion Techniques Using Direct Syscalls and XOR Encryption – Part 1
Reading Time: 10 minutesTechnical Level: Advanced Introduction As pentesters, we always have to keep up to date with the latest trends and of course, bypassing antiviruses is part of our activities. In this article, we will discuss how to bypass antiviruses and since...
In-store physical Pentest: feedback on a real case study
Cybersecurity is not limited to the digital sphere. Physical attacks are also part of the modus operandi used by cybercriminals. The principle is simple: look for a human or material flaw within your company to gain access to your data or disrupt the smooth running of...
Phishing campaign: Are decision-makers vulnerable?
Phishing: an underestimated threat Cybersecurity is a major issue for companies, and malicious phishing campaigns are among the most frequent threats. Yet corporate decision-makers, including CEOs and CTOs, are sometimes the...
How to obtain a time-based blind SQL injection and automate by modifying SQLMAP?
The cybersecurity of web applications is a crucial issue in a world where digital data has become a major asset. Among the most subtle threats, "time-based blind SQL injection" vulnerabilities stand out for their ability to exfiltrate data without triggering obvious...
Your security is important to us. What about you?
Take advantage of a free 30-minute functional audit to assess your current situation.