Introducing Squeegee: The Microsoft Windows RDP Scraping Utility
Hi, it’s David with BHIS! You’ll be saying, “Wow,” every time you use this tool. It’s like a shammy. It’s like a towel. It’s like a sponge. A regular towel […]
Author
Offensive IoT for Red Team Implants (Part 2)
This is Part Two of the blog series, Offensive IoT for Red Team Implants, so if you have not read PART ONE, I would encourage you do to so first […]
Offensive IoT for Red Team Implants – Part 1
This is part one of a multipart blog series on researching a new generation of hardware implants and how using solutions from the world of IoT can unleash new capabilities. […]
At Home Detection Engineering Lab for Beginners
| Niccolo Arboleda | Guest Author Niccolo Arboleda is a cybersecurity enthusiast and student at the University of Toronto. He is usually found in his home lab studying different cybersecurity […]
Deploy an Active Directory Lab Within Minutes
Creating your own lab can sound like a daunting task. By the end of this blog post, you will be able to deploy your own Active Directory (AD) environment in […]
Red Teaming: A Story From the Trenches
This article originally featured in the very first issue of our PROMPT# zine — Choose Wisely. You can find that issue (and all the others) here: https://www.blackhillsinfosec.com/prompt-zine/ I remember a […]
How to Install and Perform Wi-Fi Attacks with Wifiphisher
tl;dr: Install Wifiphisher on Kali and run a basic attack. This crappy little copy/paste-able operation resulted in a functional Wifiphisher virtual environment on Kali (as of January 22, 2024). Two […]
In Through the Front Door – Protecting Your Perimeter
While social engineering attacks such as phishing are a great way to gain a foothold in a target environment, direct attacks against externally exploitable services are continuing to make headlines. […]
Can’t Stop, Won’t Stop Hijacking (CSWSH) WebSockets
The WebSocket Protocol, standardized in 2011 with RFC 6455, enables full-duplex communication between clients and web servers over a single, persistent connection, resolving a longstanding limitation of HTTP that hindered […]