Pink Teaming: The Dilution of Pentesting
John Strand // There have been a few conversations at conferences and meet-ups over the past year or so about the validity of penetration testing. There are many things on […]
Pentesting
Android Dev & Penetration Testing Setup – Part 2: Installing Android Studio
Joff Thyer // Editor’s Note: This is part 2 of a 3 part series. Part 1 discussed configuring your virtual machine engine and virtual hardware emulation. Part 2 (this part) covers […]
Android Dev & Penetration Testing Setup – Part 1
Joff Thyer // Editor’s Note: This is part 1 of a 3 part series. Part 1 will discuss configuring your virtual machine engine and virtual hardware emulation. Part 2 covers installing […]
A Marketer’s Lessons in Con Artistry for Good & Learning
Sierra Ward* // Normally I am hidden in the back rooms at BHIS, chipping away at 10 million marketing tasks. I show up occasionally in webcasts, lurking again in the shadows, […]
Bugging Microsoft Files: Part 1 – Docx Files using Microsoft Word
Ethan Robish // If you’re familiar with ADHD and Web Word Bugs, you likely already know the method to create web tracking software using .html files renamed as .doc files. […]
How to Not Suck at Reporting (or How to Write Great Pentesting Reports)
David Fletcher // Reporting is a penetration testing topic that doesn’t have a whole lot of popularity. People have a hard time being inspired to write about the technical details of […]
How to Take Advantage of Weak NTFS Permissions
David Fletcher // Weak NTFS permissions can allow a number of different attacks within a target environment. This can include: Access to sensitive information Modification of system binaries and configuration […]
Ten years later… Memories from Pentesting Past
John Strand // So, I have passed the timeframe where I have been actively penetration testing for over a decade…. I have a large number of pretty strongly held beliefs […]
John’s Talk from DerbyCon 2016
John Strand //