Pen Test Partners

Eurostar AI vulnerability: when a chatbot goes off the rails

TL;DR Introduction I first encountered the chatbot as a normal Eurostar customer while planning a trip. When it opened, it ...
Pen Test Partners

ISC2 East of England Chapter

Building Cyber AI Confidence event on ‘Flirting with AI: Pwning Websites Through Their AI Chatbot Agents and Politely ...
pentestpartners.com

Securi-Tay 2026

222 Broadway 22nd Floor, Suite 2525,New York, ...
pentestpartners.com

The built-in Windows security features you should be using

It’s more common than you might think to miss built-in defences. Windows has a lot of features that help keep your identity safe, make endpoints more secure, control what software can run, and make it ...
pentestpartners.com

Pen Tester

We are seeking an enthusiastic security consultant to join our team. Working alongside some of the best hacking minds in the country, you will be delivering pen testing services to a diverse range of ...
pentestpartners.com

Beyond cloud compliance dashboards, what’s next?

Cloud compliance frameworks are a good place to start. Dashboards that show how your estate compares to benchmarks like CIS and vendor-specific best practice checks are available from most major cloud ...
pentestpartners.com

Common Kubernetes misconfigurations and how to avoid them

Kubernetes has changed the way we deploy and scale workloads. It’s powerful, flexible, and very good at hiding a lot of complexity. It is also very good at hiding security problems until someone ...
pentestpartners.com

Start hacking Bluetooth Low Energy today! (part 2)

In part one we started hacking Bluetooth and made a little £2 key-finder beep using only Android and Linux. If you haven’t read that post, I would recommend it as a primer to the devices, BLE and what ...
pentestpartners.com

Thumbnail forensics. DFIR techniques for analysing Windows Thumbcache

Windows thumbnail cache, or thumbcache, is a well-known forensic artifact, but often one that is overlooked. The thumbcache stores small previews of images, videos and documents and can persist even ...
pentestpartners.com

Rethinking cyber insurance questions to find real risk

I’ve been advising on cyber risk in the insurance sector for over a decade. It still surprises me how many proposal forms include questions that offer very little insight into the actual risk being ...
pentestpartners.com

How to load unsigned or fake-signed apps on iOS

In certain circumstances it can be challenging installing client applications for testing. Situations arise where the application could be provided unsigned or requires self-signing. As a result, the ...
pentestpartners.com

Bypass SharePoint Restricted View to exfiltrate data using Copilot AI and more…

As Red Teamers, we often find information in SharePoint that can be useful for us in later attacks. As part of this we regularly want to download copies of the file, or parts of their contents. In ...