Blog - Black Hills Information Security

Blue Team, General InfoSec Tips & Tricks, How-To, InfoSec 101, Red Team, Webcasts Backdoors, Beta Version, Breaches, Card Game, Coming Soon, Cubicles and Compromises, Incident Handling, Incident Response, john strand, SEC504

Webcast: Introducing Backdoors & Breaches Incident Response Card Game

This webcast was original given live on June 5th, 2019 by John Strand and the BHIS (card) Testers. Download slides: https://www.activecountermeasures.com/presentationsRequest a deck of B&B cards (Coming in Sept): https://www.blackhillsinfosec.com/contact-usAlso check out Cubicles & Compromises: https://www.blackhillsinfosec.com/dungeons-dragons-meet-cubicles-compromises So we have been working on a card game for Incident Response over the past few months and it […]

Read the entire post here

How-To, Informational, LLMNR, Red Team, Red Team Tools, Webcasts ARP Cache Poisoning, GPP, john strand, Justin Angel, LaBrea Tar Pits, LLMNR, mDNS, SNAC, Stale Network Address Configuration, WPAD

Webcast: How to attack when LLMNR, mDNS, and WPAD attacks fail – eavesarp (Tool Overview)

Click on the timecodes to jump to that part of the video (on YouTube) 2:26 Introduction, background history covering LaBrea Tar Pits and ARP Cache Poisoning and how they relate to this webcast and how “eavesarp” basically works. 14:15 Demo of “eavesarp” against a Stale Network Address Configuration (SNAC) attack. 28:45 Q&A This webcast was […]

Read the entire post here

How-To, Informational, Red Team, Red Team Tools ARP, BruteLoops, eavesarp, Justin Angel, MailSniper, netdiscover, SNAC, swisslogger

Analyzing ARP to Discover & Exploit Stale Network Address Configurations

Justin Angel// Introduction In penetration testing, ARP is most commonly discussed in terms of poisoning attacks where an attacker achieves a man-in-the-middle (MITM) position between victim nodes by contaminating the ARP cache tables of neighboring hosts. While initially inspired by this technique and the desire to derive a means of passively obtaining a list of […]

Read the entire post here

How-To, Informational, Red Team, Red Team Tools Beau Bullock, Check-LocalAdminHash, Invoke-TheHash, PowerShell, PowerView, PSReadline, TL;DR

Check-LocalAdminHash & Exfiltrating All PowerShell History

Beau Bullock// TL;DR Check-LocalAdminHash is a new PowerShell script that can check a password hash against multiple hosts to determine if it’s a valid administrative credential. It also has the ability to exfiltrate all PowerShell PSReadline console history files from every profile on every system that the credential provided is an administrator of. Get Check-LocalAdminHash […]

Read the entire post here

Blue Team, DNSTAP, How-To, Informational, Recon, Red Team BIND, DNS, DNSTAP, Farsight Security, Joff Thyer, Logging, Paul Vixie

Tap Into Your Valuable DNS Data

Joff Thyer// The Domain Name System (DNS) is the single most important protocol on the Internet. The distributed architecture of DNS name servers and resolvers has resulted in a resilient and highly scalable system that is largely unchanged from the early days of NSFNET. It is a unique solution that allows domain holders to manage […]

Read the entire post here

Blue Team, Blue Team Tools, How-To, Informational, Podcasts Attack Tactics, BHIS, Blue Team, Defenses, john strand, Jordan Drysdale, Kent Ickler, podcast

Podcast: Attack Tactics 6! Return of the Blue Team

Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded as a live webcast on May 16th, 2019Presented by: John Strand, Jordan Drysdale, Kent Ickler Join the BHIS Blog Mailing List – get notified when […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

Blue Team, How-To, Informational, Webcasts Attack Tactics, Blue Team, canary tokens, cobalt strike, crackmapexec, Defenses, fixthefuture, honey accounts, john strand, Jordan Drysdale, Kent Ickler, LLMNR, MailSniper, RITA, ssh brute force

Webcast: Attack Tactics 6! Return of the Blue Team

Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Timecode links take you to YouTube: 2:53 Introduction, password spray toolkit, account lockout, honey accounts, canary tokens, and two factor authorization 12:00 PCI #fixthefuture , two […]

Read the entire post here

00387_05112019_PODCAST_Weaponizing_Intel

Password Spray, Phishing, Podcasts, Recon, Red Team, Red Team Tools, Social Engineering Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Podcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester performs up front. Often times testers only resort to using publicly available tools which can overlook critical assets. Download slides: http://www.activecountermeasures.com/presentations/ In this one-hour BHIS podcast […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

How-To, Red Team, Webcasts, Wireless Exfil, Hardware, Paul Clark, Red Team, Software Defined Radio, Wireless

Webcast: Building a Small and Flexible Wireless Exfiltration Box with SDR

Paul Clark// Do you want to know how we learned Software Defined Radio? We learned it from Paul. We also learned by getting our hands dirty with projects. For this webcast (originally recorded live on 4/11/19) , we sit down with Paul as he builds a wireless data exfil box from scratch. It is going […]

Read the entire post here