How-To

C2, How-To, Red Team C2, C2 over ICMP, command and control, ICMP, Internet Control Message Protocol, Red Team

How To: C2 Over ICMP

Darin Roberts // In previous blogs, I have shown how to get various C2 sessions.  In this blog, I will be showing how to do C2 over ICMP. First, what […]

Read the entire post here

How-To, Password Cracking, Red Team Cleartext, Password Cracker, Password cracking, Red Team, Reversible Encryption

How I Cracked a 128-bit Password

Sally Vandeven// TL;DR – Passwords stored using reversible encryption, even if they are VERY LONG,  can be trivially reversed by an attacker. Password cracking is quite enjoyable. It is very satisfying […]

Read the entire post here

Author, How-To, Informational, InfoSec 101, John Strand, Webcasts career change, Getting into Infosec, getting started, How to get into infosec, starting your career

Webcast: John Strand’s 5 Year Plan into InfoSec, Part 2

John Strand talks about his own journey into information security and shares his suggestions for those wanting to get started from scratch or who are looking to change career tracks. […]

Read the entire post here

Author, Brian King, How-To, Informational, InfoSec 101 FAQ, general infosec, General Questions, getting started, mentor, new to infosec

How to Find an InfoSec Mentor

BB King // We got an email from a fan today asking how best to find a mentor in information security. Maybe you’re looking for a mentor too. It’s a […]

Read the entire post here

How-To, Informational, Red Team pentest report, Pentesting, reports

DOs and DON’Ts of Pentest Report Writing

Melisa Wachs// The first day of school has started for your school-age kiddos. What better time to run through some of our basic reporting guidelines with y’all? Here is a […]

Read the entire post here

Author, Blue Team, How-To, Jordan Drysdale, Kent Ickler, Webcasts Active Directory, AD, AWS, Best Practices, Blue Team, Defender, Federation Services, Firewall, Group Policies, Groups, Infrastructure, Job Functional Roles, Jordan Drysdale, Jugular, Kent Ickler, LAPS, LLMNR, LSDOU, Naming Conventions, security, Sysmon, webcast, webcasts, whitelisting

Active Directory Best Practices to Frustrate Attackers: Webcast & Write-up

Kent Ickler & Jordan Drysdale // BHIS Webcast and Podcast This post accompanies BHIS’s webcast recorded on August 7, 2018, Active Directory Best Practices to Frustrate Attackers, which you can view below. […]

Read the entire post here

Author, Ethan Robish, How-To Socket.io, WebSockets

How to Hack WebSockets and Socket.io

Ethan Robish // WebSockets Overview WebSockets is a technology to allow browsers and servers to establish a single TCP connection and then asynchronously communicate in either direction. This is great […]

Read the entire post here

Blue Team, Finding, General InfoSec Tips & Tricks, How-To, Informational after the pen test, how to deal with you penetration test results, What to do after a penetration test, what to do after a pentest

What to Expect After a Pen Test

Scott Worden* // So you and your company had a pen test…now what? What to do, how to plan, and good SQUIRREL! ways to stay on track.   The 3 […]

Read the entire post here

Author, Blue Team, How-To, Jordan Drysdale Amazon Web Services, AWS, Best Practices, Blue Team, Jordan Drysdale, Scout2

Scout2 Usage: AWS Infrastructure Security Best Practices

Jordan Drysdale// Full disclosure and tl;dr: The NCC Group has developed an amazing toolkit for analyzing your AWS infrastructure against Amazon’s best practices guidelines. Start here: https://github.com/nccgroup/Scout2 Then, access your […]

Read the entire post here