Author

C2, Craig Vincent, Red Team C2, command and control, Red Team, WebSockets, WSC2

Command and Control with WebSockets WSC2

Craig Vincent// This all started with a conversation I was having with a few other BHIS testers. At the time, I was testing a web application that used WebSockets. The […]

Read the entire post here

Author, Blue Team, How-To, Jordan Drysdale Amazon Web Services, AWS, Best Practices, Blue Team, Jordan Drysdale, Scout2

Scout2 Usage: AWS Infrastructure Security Best Practices

Jordan Drysdale// Full disclosure and tl;dr: The NCC Group has developed an amazing toolkit for analyzing your AWS infrastructure against Amazon’s best practices guidelines. Start here: https://github.com/nccgroup/Scout2 Then, access your […]

Read the entire post here

Author, Beau Bullock, Mike Felch, Podcasts Getting into Infosec, Intro to InfoSec

PODCAST: Highly Caffeinated InfoSec

Join Beau Bullock and Mike Felch as they talk about ways to learn more, network and wake up your inner hacker. See the full episode here and look at the slides […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Beau Bullock, InfoSec 101, Mike Felch, Webcasts information security, infosec, meetups, public speaking, webcast, webcasts

WEBCAST: Highly Caffeinated InfoSec

Beau Bullock & Mike Felch// Ways to Learn More, Network, and Wake Up Your Inner Hacker Whether you are brand new to InfoSec or a skilled veteran there are ways […]

Read the entire post here

Author, John Strand, Podcasts cloud, Pen Testing Cloud Infrastructure, pen-testing, The Cloud

PODCAST: Attack Tactics Part 3: No Active Directory? No Problem!

John Strand talks about how BHIS pen tests companies who use the cloud. Want to know how you can defend against attacks in your cloud infrastructure? Keep your eyes peeled for […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Beau Bullock, Podcasts C2, command and control

PODCAST: Lee Kagan & Beau Bullock talk C2

Special guest Lee Kagan from RedBlack Security talks about his script, his previous guest posts and the future of C2 with Beau Bullock and Sierra. Check out these links: How […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

00317_07102018_WEBCAST_AttackTacticsPart3

Author, John Strand, Red Team, Webcasts Attack Tactics, Red Team, webcast, webcasts

WEBCAST: Attack Tactics 3

John Strand// For this next installment of our Attack Tactics webcast series, John Strand looks at an environment that had no Active Directory. This is odd, but it’s becoming more […]

Read the entire post here

Author, Blue Team, How-To, Kent Ickler, Phishing Anti-Phising, Best Practices, Blue Team, DKIM, DMARC, Email, Filtering, Incident Response, IR, Kent Ickler, Marketing, phishing, reconnaissance, RFC 4408, Sender Policy Framework, Spam, SPF

Offensive SPF: How to Automate Anti-Phishing Reconnaissance Using Sender Policy Framework

Kent Ickler // TL;DR: This post describes the process of building an active system to automatically recon SPF violations. Disclaimer: There are parts of this build that might not be legal […]

Read the entire post here

Author, Derrick Rauch, How-To, Kent Ickler, Password Cracking, Red Team Cracking, GPU, Hash, Hashcat, NVidia, password, Red Team, setup, Ubuntu

Running HashCat on Ubuntu 18.04 Server with 1080TI

Derrick Rauch and Kent Ickler // (Updated 3/22/2019) First, to see what our build looks like, look here: https://www.blackhillsinfosec.com/build-password-cracker-nvidia-gtx-1080ti-gtx-1070/ What’s next? Time for System Rebuild! First, you need to decide whether you […]

Read the entire post here

«‹ 34 35 36 37 ›»