Black Hills Information Security, Inc.
RSS
  • All Services
    • Penetration Testing
    • Continuous Penetration Testing
    • Web Application Testing
    • ActiveSOC
    • Fusion PenTest
    • AI Security Assessments
    • Incident Response
    • Blue Team Services
    • Blockchain Security
    • High-Profile Risk Assessments
    • Complete Service Guide
  • Contact Us
    • Contact Us
    • Email Sign-Up
  • About Us
    • Security Consultants
    • Admin Team
    • ActiveSOC Team
    • Antisyphon Training
    • BHIS Tribe of Companies
  • Free Resources
    • Blogs
    • Free Cybersecurity Tools
    • Free Cybersecurity Webcasts
    • Podcasts
    • RITA
  • Training
    • BHIS & Antisyphon Training
    • WWHF Conference
  • Community
    • Discord
    • LinkedIn
    • YouTube
    • Bluesky
    • Twitter/X
    • Upcoming Events
  • Fun Stuff
    • Backdoors & Breaches
    • Merch, Zines & More
    • PROMPT# Zine
    • REKCAH
    • Books
kape101_header (1)

Blue Team, Blue Team Tools, DFIR, Guest Author, How-To, Incident Response, Informational Artifact Extraction, Gerard Johansen, InfoSec Survival Guide, KAPE, Windows Forensic Artifacts

KAPE 101: A Kroll Artifact Parser and Extractor Cheatsheet

Spend time performing forensic analysis on the Windows Operating System and you’ll see a host of artifacts that can be used to identify adversary activity. From changes to the registry to the System Resource Utilization Monitor, Windows artifacts run deep. The challenge is locating, extracting, and parsing these artifacts in an efficient manner.

Read the entire post here
goldilocks_header (1)

Active SOC, Blue Team, DFIR, Hayden Covington, Incident Response, Informational Alert Traige, Detection Logic, Infosec for Beginners, InfoSec Survival Guide, Orange Book, SIEM

Finding the “Goldilocks” Zone: A Practical Approach to Alert Triage

We’re all petrified about missing a critical event or misclassifying an alert, but when we’re talking about incident response (IR), there are often hundreds if not thousands of alerts to parse through. It’s easy to get caught up with one alert because it feels “too hot” or maybe not spend enough time looking into something that initially seems “too cold.”

Read the entire post here
webapp_header

Finding, Informational, Melissa Bruno, Web App Top 100 Findings

Finding and Addressing Vulnerable and Outdated Web Application Components

Vulnerable and outdated software components are one of the most common issues encountered by BHIS during web application penetration tests. The vast majority of web applications use third-party components such as jQuery, Angular, Bootstrap, or countless other libraries.

Read the entire post here
egress_header

Blue Team, C2, David Fletcher, Finding, Informational Top 100 Findings

Insufficient Egress Filtering: How Weak Outbound Controls Enable Attacks

Insufficient egress filtering is a commonly identified vulnerability found during BHIS penetration tests. The insufficient egress filtering finding indicates that network traffic leaving the organization’s environment is not properly restricted.

Read the entire post here
badge_header

Guest Author, Informational, InfoSec 101, Physical, Social Engineering Badge Security, Infosec for Beginners, Physical Security, Robert Boettger

The Art of the Badge: A Hard Truth About Physical Security

He walked into the lobby with a fake badge clipped to his shirt. He had bought it online the week before. It was not perfect, and it did not need to be. From a few feet away, it looked close enough: a logo, a name, a photo, and a lanyard. The kind of thing most people glance at for half a second before their brain decides, “Looks fine.”

Read the entire post here
cicd_header (1)

Blue Team Tools, External/Internal, InfoSec 301, Recon, Red Team, Red Team Tools attacking, cicd, Defending, devops, GitLab, gogatoz, Phil Miller

Auditing GitLab: The CI/CD Kill Chain

Welcome to GoGatoZ — a purpose-built Go tool for GitLab CI/CD security auditing that can perform and automate the entire CI/CD kill chain along with everything those one-off scripts did and then some.

Read the entire post here
antisocop_header

Corey Ham, Fun & Games, Informational ANTISOC, Continuous Penetration Testing, PROMPT#

Bad Habits: An ANTISOC Operation

ANTISOC uses a mix of techniques from traditional penetration tests like red teams, cloud, web applications, externals, internals, and, of course, social engineering. We combine this mix of techniques with a wide-open scope, with the goal of going beyond what a typical pentest can discover.

Read the entire post here
redblue_header

Active SOC, Blue Team, Informational, Red Team BHISinterviews, Melissa Lauro, purple teaming, Security Operations, SOC

Same Problem, Different Angles: When Red Team and Blue Team Actually Talk to Each Other

There is a certain kind of conversation that doesn’t get written up in a post-mortem, doesn’t generate a ticket, and never makes it into an end-of-quarter report. It happens on the margins—at a conference, in a hallway, or, in this case, at 30,000 feet above sea level. It’s the conversation where two people who are solving the same problem from opposite ends of the table finally sit down next to each other.

Read the entire post here
unmasking_header (1)

Informational, InfoSec 101, Matthew Eidelberg, Red Team, Red Team Tools ANTISOC, Exploits, Infosec for Beginners, PROMPT#, Zine

How to Identify and Exploit New Vulnerabilities

In the ever-evolving world of cybersecurity, staying ahead of the curve is not just a goal—it’s a necessity. As new vulnerabilities emerge, the race to identify and mitigate them begins. But how do we, the guardians of the digital realm, rapidly pinpoint these threats as they become public? Let’s dive into the fascinating world of vulnerability identification and see how the magic happens.

Read the entire post here
1 2 3 4›»

Looking For Something?

Browse by category

Recent Posts

  • kape101_header (1)KAPE 101: A Kroll Artifact Parser and Extractor Cheatsheet
    Spend time performing forensic analysis on the Windows
  • goldilocks_header (1)Finding the “Goldilocks” Zone: A Practical Approach to Alert Triage
    We're all petrified about missing a critical event or
  • webapp_headerFinding and Addressing Vulnerable and Outdated Web Application Components
    Vulnerable and outdated software components are one of

Browse by topic

Active Directory ADHD AI anti-virus Attack Tactics AV Beau Bullock BHIS Blue Team C2 Carrie Roberts cloud Cyber Deception hacking infosec Infosec for Beginners InfoSec Survival Guide Joff Thyer john strand Jordan Drysdale Kent Ickler Kerberos Linux MailSniper Malware Microsoft Nessus Nmap passwords password spraying pen-testing penetration testing pentest Pentesting phishing PowerShell Python Red Team red teaming RITA Sysmon tools webcast webcasts Windows

Archives

Back to top
Black Hills Information Security, Inc.

890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447)
© 2008


About Us | BHIS Tribe of Companies | Privacy Policy | Contact

Links
  • YouTube
  • LinkedIn
  • Bluesky
  • Discord
  • X
  • iTunes
Search the site