Pen Test Partners

BSidesHBG 2026

Pwning web sites through their AI chatbot agents and politely breaking guard rails ...
Pen Test Partners

You can pen test OT networks without breaking them

TL;DR  Introduction   There is a widely held belief that penetration testing Operational Technology networks is impossible.
pentestpartners.com

PTP Cyber Fest 2026

Built on five years of hands on, community led events, it has grown into something a bit different from the usual cyber event. More practical. More interactive. More time with the people doing the ...
Pen Test Partners

Digital Operational Resilience Act (DORA)

TL;DR:  What DORA is, who it affects, and what “good” looks like  If you run a financial services business in the EU, or you provide tech to one, DORA (the Digital Operational Resilience Act) is now ...
pentestpartners.com

How we turned a real car into a Mario Kart controller by intercepting CAN data

If you went to our PTP Cyber Fest over the Infosec week you may have seen the PTP hack car being used as a games controller for the game SuperTuxKart (a free and open-source Mario Kart type game). You ...
pentestpartners.com

SweetPotato – Service to SYSTEM

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...
pentestpartners.com

Gone in six seconds? Exploiting car alarms

Key relay attacks against keyless entry vehicles are well known. Many 3 rd party car alarm vendors market themselves as solutions to this. We have shown that fitting these alarms can make your vehicle ...
pentestpartners.com

RCEs and more in the KUNBUS GmbH Revolution Pi PLC

The Revolution Pi is a programmable logic controller (PLC) made by KUNBUS Gmbh. PLCs are ruggedised devices sitting near the lowest layer of an industrial network. They use simple I/O and fieldbus ...
pentestpartners.com

Bypassing MFA on Microsoft Azure Entra ID

On a recent Red Team engagement we got Domain Admin privileges on the on-premises Active Directory (AD) network. But we had not yet gained access to their cloud estate, which was hosted in Azure. Our ...
pentestpartners.com

Making children’s toys swear

In our last toy related post we mentioned My Friend Cayla, here we’ll lift the lid on what we found. Cayla is effectively a bluetooth headset, dressed up as a doll. Yes, you can actually make phone ...
pentestpartners.com

Smart lighting security

Smart lighting systems create great opportunity for improved efficiency, cost savings and easy management. The long lifespan and low power requirement of LED luminaires and lamps means that it’s worth ...
pentestpartners.com

Database Integrity Vulnerabilities in Boeing’s Onboard Performance Tool

Security gaps in older, unprotected Windows desktop versions of Boeing’s Onboard Performance Tool (OPT) could make certain Electronic Flight Bags (EFB) more susceptible to attack. In particular, OPT’s ...