Featured Guide

FAQ Guide: Acquiring DORA Threat-Led Penetration Testing

Bishop Fox’s comprehensive DORA FAQ guide walks you through everything you need to know about fulfilling these critical requirements. This resource is a must-have for financial institutions looking to stay ahead of DORA’s complex compliance landscape.

Preview of Bishop Fox new offensive security guide on Cloud Penetration Testing titled: Outpacing adversaries in the cloud
Guide

Outpacing Adversaries in the Cloud: An Offensive Security Guide

Download our guide to discover the current challenges in securing the cloud, the approach offensive security takes through cloud penetration testing, and the differences and advantages of investing in CPTs as part of a cloud security program.

Preview of Bishop Fox Red teaming Guide cover page on dark purple background.
Guide

Getting Red Teaming Right: A How-to Guide

Read our eBook to learn how Red Teaming can provide the ultimate training ground for your defenses, assessing how well (or not) intrusions are detected and how an attacker can move throughout your network to achieve exfiltration.

OWASP ASVS Demystified digital guide on purple lock background.
Guide

OWASP ASVS Demystified: A Practical Guide to Web Application Security Testing

In this technical guide, offensive security expert Shanni Prutchi provides analysis of the entire 278 verification requirements listed in OWASP's ASVS standard to assist in the generation of test cases and provide context to companies looking to test their applications against the standard.

Preview of the Bishop Fox cybersecurity style guide pamphlet on dark purple background.
Guide

Cybersecurity Style Guide v2.0

Designed for security researchers, this guide is an invaluable resource for advice on which cybersecurity terms to use in reports and how to use them correctly.

Bishop Fox's Ransomware Readiness eBook with compass imagery
Guide

The Offensive Security Guide to Ransomware Readiness

Our ransomware readiness guide helps you understand your current state of ransomware readiness, prepare for ransomware attacks, identify gaps in your current strategy, and measure progress to continually enhance readiness.

image of purple eBook cover with blue text and white page with graphs on dark background
Guide

Fortifying Your Applications: A Guide to Penetration Testing

Download this eBook to explore key aspects of application penetration testing, questions to ask along the way, how to evaluate vendors, and our top recommendations to make the most of your pen test based on almost two decades of experience and thousands of engagements.

Subscribe to Bishop Fox's Security Blog

Be first to learn about latest tools, advisories, and findings.

Ransomware readiness self-assessment guide cover and 2 white pages showing a questionnaire and one purple and black cover page with a maze and blue writing Ransomware self Readiness guide. All on dark purple to black background.
Guide

Ready or Not: A Ransomware Self-Assessment

Fill out Bishop Fox’s ransomware self-assessment to see how your program stacks up to rigorous offensive security preparation.

A cover report imagery with charts and infinity ring
Guide

Shifting Left: A DevSecOps Field Guide

Our eBook offers practical recommendations on how developers and security teams alike can move towards a DevSecOps model in any organization – with a goal of shared responsibility and creating a perpetual and repeatable process.

Bishop Fox eBook cover Looking Toward Cosmos: Business Justification for Continuous Penetration Testing.
Guide

Looking Toward the Cosmos: Making the Case for Continuous Offensive Security

Download this eBook to uncover the factors and inputs used in our customizable ROI calculator that are critical to making the business case for continuous offensive testing. The output of the calculator is intended to help you draw a direct line from investment to risk mitigation that can be communicated to both technical and non-technical decision makers.

Vintage vinyl record sleeve featuring a purple fox with Greatest hits of offensive testing tools in 2022. Greatest Hits: A Compilation of Our Favorite Offensive Testing Tools.
Guide

Greatest Hits: A Compilation of Our Favorite Offensive Testing Tools

What’s better than a Top 10 List? An ultimate guide of all our favorite lists – from red team and cloud penetration tools TO our favorite music to hack to and the best reads for your offensive security journey. We’ve got you covered to level up your penetration testing game with this comprehensive guide of hacking goodies.

Preview cover page of the asminject.py technical guide highlighting the capabilities of it, a Linux code injection security tool.
Guide

asminject.py: Compromise Trusted Linux Processes and Containers

This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.

Top 50 Questions to Ask When Evaluating Offensive Security Providers check list first page preview
Guide

Evaluating Offensive Security Solutions: Top 50 Questions to Ask

To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.