Informational

Author, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, John Strand ADHD, john strand, Logging, Malware, Sysmon

Getting Started With Sysmon

John Strand // In this blog, I want to walk through how we can set up Sysmon to easily get improved logging over what we get from normal (and just […]

Read the entire post here

00404_09042019_WEBCAST_WindowsloggingsysmonELK (1)

Author, How-To, Informational, John Strand, Webcasts elasticsearch, ELK, HELK, john strand, kibana, Logstash, Sysmon, Windows, Windows logging, Winlogbeat

Webcast: Windows logging, Sysmon, and ELK

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_WindowsLogginSysmonELK.pdf 4:36 Problem Statement and Executive Problem Statement 9:00 […]

Read the entire post here

Author, Hardware Hacking, How-To, Informational, Physical, Ray Felch, Red Team Tools Embedded systems, hardware hacking, JTAG, JTAGulator, Raymond Felch, reverse engineering, UART

How to Hack Hardware using UART

Raymond Felch // Preface: I began my exploration of reverse-engineering firmware a few weeks back (see “JTAG – Micro-Controller Debugging“), and although I made considerable progress finding and identifying the […]

Read the entire post here

00402_08302019_WEBCAST_ImplementingSysmon

Author, How-To, Informational, John Strand, Red Team Tools, Webcasts applocker, Bypassing, Group Policies, group policy, john strand, Logging, Malware, Sysmon, whitelisting, Windows

Webcast: Implementing Sysmon and Applocker

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_ImplementingSysmonAppLocker.pdf 5:03 Introduction, problem statement, and executive problem […]

Read the entire post here

Author, Hardware Hacking, How-To, Informational, Ray Felch debugging, hardware hacking, JTAG, JTAGulator, picocom, Raymond Felch

JTAG – Micro-Controller Debugging

Raymond Felch // Being an embedded firmware engineer for most of my career, I quickly became fascinated when I learned about reverse engineering firmware using JTAG. I decided to […]

Read the entire post here

Author, How-To, Informational, Jordan Drysdale AWS EC2, AWS EMR, Coordinated disclosure, Jordan Drysdale, Nessus, Nmap, pentest, securing the Internet

Securing the Cloud: A Story of Research, Discovery, and Disclosure

Jordan Drysdale // tl;dr BHIS made some interesting discoveries while working with a customer to audit their Amazon Web Services (AWS) infrastructure. At the time of the discovery, we found […]

Read the entire post here

00399_08192019_WEBCAST_WeaponizingAD (1)

Author, David Fletcher, How-To, Informational, Red Team Tools, Webcasts Active Directory, CredDefense Toolkit, David Fletcher, kerberoasting, password spraying, ResponderGuard

Webcast: Weaponizing Active Directory

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_WeaponizingActiveDirectory.pdf 0:54 Background behind this webcast, what and […]

Read the entire post here

00398_08152019_UsingCloudFrontRelayCobaltStrike

Author, Brian Fehrman, C2, How-To, Informational, Red Team, Red Team Tools Brian Fehrman, CloudFront, cobalt strike, Domain Fronting

Using CloudFront to Relay Cobalt Strike Traffic

Brian Fehrman // Many of you have likely heard of Domain Fronting. Domain Fronting is a technique that can allow your C2 traffic to blend in with a target’s traffic […]

Read the entire post here

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101 Github, PyFunnels, Python3, TJ Nicholls, Tool Output

PyFunnels: Data Normalization for InfoSec Workflows

TJ Nicholls // *BHIS Guest Contributor TL;DR How many times have you had to parse the same output from a tool? Wouldn’t you like to get that time back? There […]

Read the entire post here

«‹ 37 38 39 40 ›»