Tevora Releases Free, Open-Source Penetration Testing Tool, SecSmash

New tool equips organizations and penetration testers with additional layer of security
Tevora

Tevora, a leading provider of security, governance and compliance solutions, announced the launch of a free, open-source penetration testing tool, SecSmash. The tool, first teased at information security conference BSIDES in July, was designed for security teams, namely, penetration testers and is intended to support existing security systems.

About SecSmash

SecSmash enables penetration testers to use this same C2 approach to better assess the risk of an organizations security system. This tool is the result of the shared knowledge of the penetration testing community, and we wanted to give back.

Kevin Dick, Senior Consultant

Organizations face many cybersecurity challenges today, one being how can they prevent attackers from using their own security products against them? Many times, the poor deployment of a product can leave critical pieces of infrastructure unprotected. Weak passwords or failing to use two-factor authentication can leave security products intended to protect an organization exposed. The SecSmash framework helps penetration testers identify any such weaknesses and correct them before an attacker poses a threat by turning centralized management, monitoring and security tools into command and control, aka C2, infrastructure. Attackers frequently use the C2 approach to commandeer security systems.

“SecSmash enables penetration testers to use this same C2 approach to better assess the risk of an organizations security system,” said Lead Penetration Tester and SecSmash designer, Kevin Dick. “This tool is the result of the shared knowledge of the penetration testing community, and we wanted to give back.”

Availability and Supporting Technology

SecSmash is available free of charge on GitHub. Its modular framework allows for integration with any available technology solutions. Additional details about the tool can be found on the Tevora Threat Blog.

About Tevora

Tevora is an enterprise consulting firm specializing in information assurance, governance and compliance services and solutions. We work with some of the world’s leading companies, institutions and governments to ensure the safety of their information and their compliance with applicable regulations. With a distinctive combination of proven products and services, Tevora aids enterprises in protecting their most important assets from external and internal threats.

For more information about Tevora please visit www.tevora.com, learn about security news and trends on www.teovora.com/connect/blog or follow us on Twitter @tevora. 

Media Contact:

Liz Kydoniefs​
979.716.0861
​Lkydoniefs@tevora.com

Source: Tevora

About Tevora

Tevora is the nation's premier management consulting firm specializing in information assurance, governance and compliance services and solutions.

Tevora
One Spectrum Pointe Drive , #200
Lake Forest, CA
92630

More Press Releases