Offensive IoT for Red Team Implants (Part 3)
This is part three of the blog series, Offensive IoT for Red Team Implants. We will be building off from where we left off in the last post, which can […]
Informational
Introducing Squeegee: The Microsoft Windows RDP Scraping Utility
Hi, it’s David with BHIS! You’ll be saying, “Wow,” every time you use this tool. It’s like a shammy. It’s like a towel. It’s like a sponge. A regular towel […]
Offensive IoT for Red Team Implants (Part 2)
This is Part Two of the blog series, Offensive IoT for Red Team Implants, so if you have not read PART ONE, I would encourage you do to so first […]
Deploy an Active Directory Lab Within Minutes
Creating your own lab can sound like a daunting task. By the end of this blog post, you will be able to deploy your own Active Directory (AD) environment in […]
Red Teaming: A Story From the Trenches
This article originally featured in the very first issue of our PROMPT# zine — Choose Wisely. You can find that issue (and all the others) here: https://www.blackhillsinfosec.com/prompt-zine/ I remember a […]
How to Install and Perform Wi-Fi Attacks with Wifiphisher
tl;dr: Install Wifiphisher on Kali and run a basic attack. This crappy little copy/paste-able operation resulted in a functional Wifiphisher virtual environment on Kali (as of January 22, 2024). Two […]
The Human Element in Cybersecurity: Understanding Trust and Social Engineering
Human Trust Most people associated with information technology roles understand the application of technical controls like the use of firewalls, encryption, and security products for defenses against digital threats. Proper […]
In Through the Front Door – Protecting Your Perimeter
While social engineering attacks such as phishing are a great way to gain a foothold in a target environment, direct attacks against externally exploitable services are continuing to make headlines. […]
OSINT for Incident Response (Part 2)
Be sure to read PART 1! Metadata and a New-Fashioned Bank Robbery Let’s face it, some cases are just more interesting than others and, when you do incident response for […]