WifiForge – WiFi Exploitation for the Classroom
by William Oldert // BHIS Intern BHIS had a problem. We needed an environment for students to learn WiFi hacking safely. Our original solution used interconnected physical network gear […]
Red Team
Auditing GitLab: Public Gitlab Projects on Internal Networks
A great place that can sometimes be overlooked on an internal penetration test are the secrets hidden in plain sight. That is, a place where no authentication is required in […]
How to Install LineageOS on Your Android Device
Hey guys, my name is Connor. I am a web developer here at BHIS who also loves hacking phones. Particularly, Android phones! Today, I am going to show you the basics […]
Introducing SlackEnum: A User Enumeration Tool for Slack
Recently, as part of our ANTISOC Continuous Penetration Testing (CPT) service, I had an opportunity to investigate how attackers can leverage Slack in cyber-attacks, similar to how we frequently use […]
Augmenting Security Testing and Analysis Activities with Microsoft 365 Products
Use of Microsoft 365 products in security testing is not a new concept. For a long time, I’ve incorporated various activities using Office products into my testing regimen. In the […]
DLL Jmping: Old Hollow Trampolines in Windows DLL Land
DLL hollowing is an age-old technique used by malware authors to have a memory-backed shellcode. However, defensive mechanisms like CFG and XFG have made it incredibly difficult to implement such […]
Abusing Active Directory Certificate Services (Part 4)
Start this blog series from the beginning here: PART 1 Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise environment. In this article, we will […]
Offensive IoT for Red Team Implants (Part 3)
This is part three of the blog series, Offensive IoT for Red Team Implants. We will be building off from where we left off in the last post, which can […]
Introducing Squeegee: The Microsoft Windows RDP Scraping Utility
Hi, it’s David with BHIS! You’ll be saying, “Wow,” every time you use this tool. It’s like a shammy. It’s like a towel. It’s like a sponge. A regular towel […]