Informational

Cameron Cartier, Dave Blandford, Informational, Mobile Flutter, proxy, traffic interception

Intercepting Traffic for Mobile Applications that Bypass the System Proxy

This is a foolproof guide to intercepting traffic from mobile applications built on Flutter, which historically have been especially challenging to intercept.

Read the entire post here

Dave Blandford, Informational, Mobile Android, root, root user, Rooting, superuser

How to Root Android Phones

This blog will cover how to root an AVD emulator and a physical Pixel 6. But before we cover those topics, let’s cover what it is we will be doing and some of the pro/cons of rooting an Android phone.

Read the entire post here

Blue Team, Dale Hobbs, Informational, InfoSec 101 Boardroom Cybersecurity, Business-Driven Security, C-Suite Engagement, Cyber Risk Awareness, Cybersecurity Communication, Executive Buy-In, Financial Impact of Cybersecurity, Risk Management, Security Leadership, Security Strategy

Communicating Security to the C-Suite: A Strategic Approach

Engaging with the C-suite is not just about addressing security concerns or defending budget requests. It’s about establishing and maintaining an ongoing discussion that aims to align security objectives with the interests of the business.

Read the entire post here

Ben Bowman, How-To, Informational, Red Team, Red Team Tools Forensics, Memory Forensics, Volatility

Offline Memory Forensics With Volatility

Volatility is a memory forensics tool that can pull SAM hashes from a vmem file. These hashes can be used to escalate from a local user or no user to a domain user leading to further compromise.

Read the entire post here

Blue Team, Blue Team Tools, How-To, Informational, Jack Hyland, Web App cross-site scripting, xsscanary

Canary in the Code: Alert()-ing on XSS Exploits

I’ve been a web application pentester for a while now and over the years must have found hundreds of cross-site scripting (XSS) vulnerabilities.1 Cross-site scripting is a notoriously difficult problem […]

Read the entire post here

Ben Bowman, How-To, Informational, John Strand, Red Team Tools, Webcast Wrap-Up Joseph Boyd, Wi-Fi Forge

How to Hack Wi-Fi with No Wi-Fi

In this video, John Strand and his team discuss the challenges of setting up and running wireless labs, particularly focusing on the issues faced during Wild West Hackin’ Fest events. They highlight the development of an open-source project aimed at virtualizing wireless labs, which allows learners to practice wireless hacking techniques without needing physical hardware.

Read the entire post here

Informational, InfoSec 301, Webcast Wrap-Up, Webcasts Dark Web, Tor

Light at the End of the Dark Web

Join us for this one-hour Black Hills Information Security webcast with Joseph – Security Analyst, as he shares with you what he’s discovered and learned about the Dark Web, so you never ever ever have to go there for yourself.

Read the entire post here

Ben Bowman, Hardware Hacking, Informational, Wireless wi-fi, Wi-Fi Forge

Wi-Fi Forge: Practice Wi-Fi Security Without Hardware

In the world of cybersecurity, it’s important to understand what attack surfaces exist. The best way to understand something is by first doing it. Whether you’re an aspiring penetration tester, […]

Read the entire post here