Beau Bullock

Author, Beau Bullock, Blue Team, Blue Team Tools, Webcasts CredDefense, defense, defensive tool, Pentesting, tool, toolkit

WEBCAST: CredDefense Toolkit

Beau Bullock, Brian Fehrman, & Derek Banks // Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is a bit unique, there’s a typical path […]

Read the entire post here

Author, Beau Bullock, Blue Team, Blue Team Tools, Brian Fehrman Cred Defense Tool Kit, CredDefense, CredDefense Toolkit, event log consolidation, hardening accounts, kerberoasting, password auditing, password spraying, Pentesting, ResponderGuard

The CredDefense Toolkit

Derek Banks, Beau Bullock, & Brian Fehrman // Our clients often ask how they could have detected and prevented the post-exploitation activities we used in their environment to gain elevated […]

Read the entire post here

Author, Beau Bullock, External/Internal, Red Team email attack, MailSniper, Microsoft, Microsoft Exchange, MS, Office365, OWA, pen-testing, tools

Abusing Exchange Mailbox Permissions with MailSniper

Beau Bullock // Overview Microsoft Exchange users have the power to grant other users various levels of access to their mailbox folders. For example, a user can grant other users […]

Read the entire post here

Author, Beau Bullock, Recon, Red Team, Red Team Tools HostRecon, PowerShell, Situational Awareness, tool

HostRecon: A Situational Awareness Tool

Beau Bullock // Overview HostRecon is a tool I wrote in PowerShell to assist with quickly enumerating a number of items that I would typically check after gaining access to […]

Read the entire post here

Author, Beau Bullock, External/Internal, Red Team, Red Team Tools, Webcasts Email, MS, OWA, Vulnerabilities

WEBCAST: Exchange and OWA attacks – Step by Step

Here’s our webcast with Beau Bullock, Brian Fehrman & Carrie Roberts from Tuesday, November 29.

Read the entire post here

Author, Beau Bullock, External/Internal, Red Team 2FA, Beau Bullock, Email, EWS, MailSniper, Microsoft, Outlook, OWA, OWA portal, Vulnerabilities

Bypassing Two-Factor Authentication on OWA & Office365 Portals

Beau Bullock // Full Disclosure: Black Hills Information Security believes in responsible disclosure of vulnerabilities. This vulnerability was reported to Microsoft on September 28th, 2016. As of the publication date of […]

Read the entire post here

Author, Beau Bullock, External/Internal, Red Team Beau Bullock, FindPeople, Get-GlobalAddressList, Invoke-PasswordSprayOWA, InvokePasswordSprayEWS, MailSniper, OWA, updates

Attacking Exchange with MailSniper

Beau Bullock // I’ve added in a few modules to MailSniper that will assist in remote attacks against organizations that are hosting an externally facing Exchange server (OWA or EWS). Specifically, […]

Read the entire post here

Author, Beau Bullock, External/Internal, Red Team Beau Bullock, hunting, Pentesting, pillaging, red teaming, sensitive info, yolo

Introducing MailSniper: A Tool For Searching Every User’s Email for Sensitive Data

Beau Bullock // TL;DR MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It […]

Read the entire post here

Author, Beau Bullock, Brian Fehrman, Red Team, Red Team Tools how to bypass Anti Virus, How to bypass AV, How to bypass whitelisting, PowerShell, PowerShell without PowerShell, What to do when PowerShell is banned

Powershell Without Powershell – How To Bypass Application Whitelisting, Environment Restrictions & AV

Brian Fehrman (With shout outs to: Kelsey Bellew, Beau Bullock) // In a previous blog post, we talked about bypassing AV and Application Whitelisting by using a method developed by Casey Smith. In […]

Read the entire post here