Pen Test Partners

BSidesHBG 2026

Pwning web sites through their AI chatbot agents and politely breaking guard rails ...
pentestpartners.com

PTP Cyber Fest 2026

Built on five years of hands on, community led events, it has grown into something a bit different from the usual cyber event. More practical. More interactive. More time with the people doing the ...
pentestpartners.com

eyeDisk. Hacking the unhackable. Again

Last year, about the time we were messing around with a virtually unheard-of hardware wallet we got a bit excited about the word “unhackable”. Long story short, I ended up supporting a selection of ...
pentestpartners.com

Pipedream ICS malware toolkit is a nightmare

Pipedream, tooling created by the CHERNOVITE hacking group, has sparked serious concern in the cybersecurity world. It has the ability to target industrial control systems (ICS) without relying on ...
pentestpartners.com

SweetPotato – Service to SYSTEM

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...
pentestpartners.com

How to load unsigned or fake-signed apps on iOS

In certain circumstances it can be challenging installing client applications for testing. Situations arise where the application could be provided unsigned or requires self-signing. As a result, the ...
pentestpartners.com

Making children’s toys swear

In our last toy related post we mentioned My Friend Cayla, here we’ll lift the lid on what we found. Cayla is effectively a bluetooth headset, dressed up as a doll. Yes, you can actually make phone ...
pentestpartners.com

Using AI Chatbots to examine leaked data

AI is proving to be a useful companion for analysing data at scale for forensic examiners (data that is already publicly available if not privately hosted). This involves building an AI chatbot system ...
pentestpartners.com

How can you protect your data, privacy, and finances if your phone gets lost or stolen?

The UK is witnessing a rise in phone thefts. This surge in criminal activity sees thieves brazenly snatching smartphones from unsuspecting pedestrians, often in broad daylight and crowded areas. In an ...
pentestpartners.com

Cyber threats to shipping explained

The events in Baltimore earlier this year brought maritime cybersecurity into the spotlight. Initial outlandish claims asserted that the MV Dali was certainly hacked, whilst others made the equally ...
pentestpartners.com

Reverse Engineering a 5g ‘Bioshield’

Six months ago the UK’s Glastonbury Town Council set up a 5g Advisory Committee to explore the safety of the technology, and last month the local paper reported their findings. This statement is in ...
pentestpartners.com

Don’t use corporate email for your personal life

If you want to register for a service or platform you need an email address. But what happens if someone uses their corporate address?: If the third-party service is compromised the corporate email ...