A new open-source penetration testing tool, dubbed Firework, will let pen testers collect sensitive data by tricking their targets into opening Microsoft WCX files. Firework is a Python-based tool designed to find weak spots in enterprise security practices, and address the issue of social engineering tactics in corporate network breaches.

Read full news article on Dark Reading