Informational

How-To, Informational C2, command and control, PowerShell Empire, SSH, SSHazam

SSHazam: Hide Your C2 Inside of SSH

Carrie Roberts //* SSHazam is a method of running any C2 tool of your choice inside a standard SSH tunnel to avoid network detections. The examples here involve running PowerShell […]

Read the entire post here

Fun & Games, Informational, Social Engineering general infosec, informational, social engineering

Social Engineering in Japan

Kelsey Bellew//* It’s an occupational hazard to see vulnerabilities everywhere. When I see a router sitting in plain sight I think, “The default creds are probably printed on the back; […]

Read the entire post here

How-To, Informational Healthy, Healthy Hacking, Tips and Tricks, Treadmill

Healthy Hacking with the Treadmill Elliptical Desk: My journey to staying healthy while hacking!

Carrie Roberts*// I’m a red teamer, I love my job but I spend way too much time at a desk in front of a computer. This year I wanted to […]

Read the entire post here

Author, Informational, Joff Thyer, Red Team Dropbox, Man-in-the-Middle, MITM, penetration tester, pentest, pentesting dropbox

Pentesting Dropbox on Steroids

Joff Thyer// Many of you have probably already looked at Beau Bullock’s fine blog entry on a penetration testing dropbox. Beau has some excellent guidance on how to build the […]

Read the entire post here

Author, Informational, Jordan Drysdale, Kent Ickler, Webcasts Blue Team, Networking, Nmap, password policy, Patching, Sysadmins, webcast, webcasts

WEBCAST: Blue Team-Apalooza

Kent Ickler & Jordan Drysdale // Preface We had a sysadmin and security professional “AA” meeting on November 8, 2018. We met and discussed things that seem to be painfully […]

Read the entire post here

Fun & Games, Informational

Wild West Hackin’ Fest 2018

Bronwen Aker* // For those of you not fortunate enough to attend, this year’s Wild West Hackin’ Fest (WWHF) was phenomenal, featuring speakers from diverse aspects of information security, workshops, […]

Read the entire post here

Informational, InfoSec 101 career path in infosec, FAQ, getting in to infosec, information security, infosec, infosec 101

A Career in Information Security: FAQ (Part 2)

Staff// If you missed part one, you can get caught up here: www.blackhillsinfosec.com/a-career-in-information-security-faq-part-1/ Let’s jump straight back in to the Q & A! 4)What are some of the college courses that […]

Read the entire post here

Informational, InfoSec 101 career path, college, FAQ, Getting into Infosec, getting started, infosec 101

A Career in Information Security: FAQ (Part 1)

Staff// We recently received an email from someone working on their degree who had some questions for whichever tester we could round up. They were great questions and since we […]

Read the entire post here

Author, How-To, Informational, InfoSec 101, John Strand, Webcasts career change, Getting into Infosec, getting started, How to get into infosec, starting your career

Webcast: John Strand’s 5 Year Plan into InfoSec, Part 2

John Strand talks about his own journey into information security and shares his suggestions for those wanting to get started from scratch or who are looking to change career tracks. […]

Read the entire post here