Author

Author, Beau Bullock, External/Internal, Red Team, Red Team Tools, Webcasts Email, MS, OWA, Vulnerabilities

WEBCAST: Exchange and OWA attacks – Step by Step

Here’s our webcast with Beau Bullock, Brian Fehrman & Carrie Roberts from Tuesday, November 29.

Author, Blue Team, Kent Ickler Jordan Drysdale, long passwords, Password Security Objects, passwords, Windows 95/96, Windows Admin

How to Increase the Minimum Character Password Length (15+) Policies in Active Directory

Kent Ickler // As a start to a series on Windows Administration in the eyes of a security-conscious “Windows Guy” I invite you on configuring AD DS PSOs (Password Security […]

Read the entire post here

Author, Ethan Robish, Red Team, Red Team Tools author metadata, bugging documents, how to clear metadata, Microsoft, MS Excel, MS Word

Bugging Microsoft Files: Part 3 – Clearing Metadata

Ethan Robish // In my last two posts I showed how to insert tracking bugs in both .docx (Part 1) and .xlsx files (Part 2). But don’t let all that effort go […]

Read the entire post here

Author, Fun & Games, Jordan Drysdale, Red Team, Wireless Hand Crafted, hardware hacking, More Fun Projects, Princess Computer, Weaponizing Kids' Toys, Wi-Fi Attack Kits

Weaponizing Princess Toys: Crafting Wi-Fi Attack Kits

Jordan Drysdale // … Alternate Title: “Why I Love BHIS” So, I was gifted this cute little princessy-toy thing recently. My first thought was that my daughters will love this thing. […]

Read the entire post here

Author, Ethan Robish, Red Team, Red Team Tools Bugging Excel files, Bugging xlsx files, Colin Edwards, Excel, Microsoft Excel, microsoft office

Bugging Microsoft Files: Part 2 – Xlsx Files using Microsoft Excel

Ethan Robish // As promised in my previous post, part 1, this post shows how to place a tracking bug in a native .xlsx file. Full credit for this method […]

Read the entire post here

Author, Ethan Robish, Red Team, Red Team Tools ADHD, Bugging Word Files, Microsoft, MS Word, Pentesting, Web Word Bugs, Word

Bugging Microsoft Files: Part 1 – Docx Files using Microsoft Word

Ethan Robish // If you’re familiar with ADHD and Web Word Bugs, you likely already know the method to create web tracking software using .html files renamed as .doc files. […]

Read the entire post here

Author, Beau Bullock, External/Internal, Red Team 2FA, Beau Bullock, Email, EWS, MailSniper, Microsoft, Outlook, OWA, OWA portal, Vulnerabilities

Bypassing Two-Factor Authentication on OWA & Office365 Portals

Beau Bullock // Full Disclosure: Black Hills Information Security believes in responsible disclosure of vulnerabilities. This vulnerability was reported to Microsoft on September 28th, 2016. As of the publication date of […]

Read the entire post here

Author, Brian King, InfoSec 301 Bad Certificates, Certificate Transparency, Chrome, Google

Certificate Transparency Means What, Again?

Brian King // News from Google this week says that Chrome will start enforcing Certificate Transparency a year from now. https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/78N3SMcqUGw This means that when Chrome contacts a website, if […]

Read the entire post here

Author, Blue Team, David Fletcher, Red Team Blue Team, Conference Talk, GrrCon, Purple Team, Red Team, Red Team vs. Blue Team

Red + Blue = Purple

David Fletcher & Sally Vandeven // We gave a presentation at the GrrCon hacker conference in Grand Rapids, MI on October 6, 2016. The presentation was a dialogue meant to illustrate the […]

Read the entire post here

«‹ 47 48 49 50 ›»