Posts by pretera
Bugcrowd and Pretera Join Forces to Accelerate Proactive Security for Enterprises
Brussels-based security specialist adds global reach and continuous testing to offensive security portfolio
SAN FRANCISCO, CA & BRUSSELS, BELGIUM – 19 August 2025 – Bugcrowd, a crowdsourced security leader, today announced a strategic collaboration with Pretera, an offensive security firm based in Brussels. As Bugcrowd’s first partner in the Benelux region, Pretera will play a key role in…
When Source Code Hides in Plain Sight – Introducing SVN-Ripper
Imagine this: A company has a well-designed web application, hosted securely and hardened externally, and yet the entire source code is retrievable by simply browsing to https://yourdomain.com/.svn/. This situation is not hypothetical. During multiple red team and pentest engagements at Pretera, we discovered complete application logic exposed through Subversion (SVN) metadata folders that were inadvertently…
Pretera Welcomes Former Swift CSO Karel De Kneef as External Strategic Advisor
Pretera, a cybersecurity firm specializing in offensive security and red teaming, is proud to announce that Karel De Kneef, former Chief Security Officer (CSO) of Swift, has joined the company as an External Strategic Advisor. Karel is a seasoned executive with more than two decades of leadership experience spanning technology, operations, and cybersecurity. During his…
Password Reset Gone Wrong: The Power of Callback URL Manipulation
Account takeover by password reset is a common yet often overlooked flaw in which an attacker acquires access to a victim’s account by manipulating the password reset process. This type of attack frequently targets flaws in how a website or service handles callback URLs, which are intended to redirect users after they reset their passwords.…
Deepfake Attacks: The Latest Weapon of Social Engineering
Often overlooked, social engineering has always been a great weapon for cybercriminals due to its focus on exploiting human weaknesses. Social engineering takes a different approach compared to traditional hacking: instead of focusing on exploiting software vulnerabilities, it seeks to manipulate human weaknesses. It relies on manipulating emotions like trust, fear, and respect for authority,…
Burp Suite Certified Practitioner Exam: Review and Insights
Since I recently passed the “Burp Suite Certified Practitioner” exam, I felt it would be useful to share some of my experiences and lessons learned with those who are considering taking this exam, or just interested in completing the PortSwigger Academy challenges.
How Did I Prepare
Despite the fact that I have spent several years…
How misconfigured and vulnerable devices could expose your company to physical and cyber threats
Recently, we were given the mission to conduct an internal and wireless security assessment for one of our clients. Following the discovery of vulnerabilities in their network security and the acquisition of access to their wireless infrastructure, we were able to carry out remote network scanning of their internal systems. After enumerating their running services…
Why Penetration Testing is Important
Penetration testing, also known as pentesting, is a simulated cyber attack on a computer system, network, or web application with the goal of finding security vulnerabilities that could be exploited by malicious hackers. In today’s rapidly evolving digital world, pentesting has become a critical component of any organization’s security strategy. In this blog post, we…