Offline Memory Forensics With Volatility
Volatility is a memory forensics tool that can pull SAM hashes from a vmem file. These hashes can be used to escalate from a local user or no user to a domain user, leading to further compromise.
In this video, John Strand and his team discuss the challenges of setting up and running wireless labs, particularly focusing on the issues faced during Wild West Hackin’ Fest events. They highlight the development of an open-source project aimed at virtualizing wireless labs, which allows learners to practice wireless hacking techniques without needing physical hardware.
GoPhish provides a nice platform for creating and running phishing campaigns. This blog will guide you through installing GoPhish and creating a campaign.
This webcast was originally published on October 4, 2024. In this video, experts delve into the intricacies of DLL hijacking and new techniques for malicious code proxying, featuring a comprehensive […]
By Erik Goldoff, Ray Van Hoose, and Max Boehner || Guest Authors This post is comprised of 3 articles that were originally published in the second edition of the InfoSec […]
While DLL hijacking attacks can take on many different forms, this blog post will explore a specific type of attack called DLL proxying, providing insights into how it works, the potential risks it poses, and briefly the methodology for discovering these vulnerable DLLs, which led to the discovery of several zero-day vulnerable DLLs that Microsoft has acknowledged but opted to not fix at this time.
by William Oldert // BHIS Intern BHIS had a problem. We needed an environment for students to learn WiFi hacking safely. Our original solution used interconnected physical network gear […]
Recently, as part of our ANTISOC Continuous Penetration Testing (CPT) service, I had an opportunity to investigate how attackers can leverage Slack in cyber-attacks, similar to how we frequently use […]
DLL hollowing is an age-old technique used by malware authors to have a memory-backed shellcode. However, defensive mechanisms like CFG and XFG have made it incredibly difficult to implement such […]