The Penetration Test That Paid for Itself within Three Weeks

Tech and Mech commissioned a proactive web server penetration test. Three weeks later a denial-of-service attack hit one of the sites. With the Berkner Tech report and fixes already in hand, they recovered with minimal downtime.

Scoping a Hardware Penetration Test

A good hardware pen test starts with good scope. Here is how to define what gets tested, how deeply, and what the risks are before any probe touches a board.

Writing a Hardware Pentest Report That Gets Fixed

A finding nobody fixes is wasted work. Here is how to write a hardware penetration test report that engineers act on instead of filing away.

From Recon to Root: An Embedded Pentest Walkthrough

A start-to-finish look at how an embedded penetration test goes, from first contact with the board to a root shell and what it means.

Persistence Techniques on Embedded Devices

Getting onto a device is one thing; staying there across reboots and updates is another. Here is how persistence works on embedded systems and how to detect it.

Privilege Escalation on Embedded Linux

A foothold on an embedded Linux device is rarely root at first. Here are the privilege-escalation paths that are common on embedded systems.