How to Root Android Phones
This blog will cover how to root an AVD emulator and a physical Pixel 6. But before we cover those topics, let’s cover what it is we will be doing and some of the pro/cons of rooting an Android phone.
Communicating Security to the C-Suite: A Strategic Approach
Engaging with the C-suite is not just about addressing security concerns or defending budget requests. It’s about establishing and maintaining an ongoing discussion that aims to align security objectives with the interests of the business.
Offline Memory Forensics With Volatility
Volatility is a memory forensics tool that can pull SAM hashes from a vmem file. These hashes can be used to escalate from a local user or no user to a domain user leading to further compromise.
Getting Started with AI Hacking: Part 1
You may have read some of our previous blog posts on Artificial Intelligence (AI). We discussed things like using PyRIT to help automate attacks. We also covered the dangers of […]
Go-Spoof: A Tool for Cyber Deception
Go-Spoof brings an old tool to a new language. The Golang rewrite [of Portspoof] provides similar efficiency and all the same features of the previous tool but with easier setup and useability.
How to Test Adversary-in-the-Middle Without Hacking Tools
In this video, Michael Allen discusses how to test Adversary-in-the-Middle attacks without using hacking tools. He delves into the intricacies of credential harvesting, the evolution of multi-factor authentication (MFA), and how attackers adapt their strategies to bypass security measures.
Canary in the Code: Alert()-ing on XSS Exploits
I’ve been a web application pentester for a while now and over the years must have found hundreds of cross-site scripting (XSS) vulnerabilities.1 Cross-site scripting is a notoriously difficult problem […]
How to Hack Wi-Fi with No Wi-Fi
In this video, John Strand and his team discuss the challenges of setting up and running wireless labs, particularly focusing on the issues faced during Wild West Hackin’ Fest events. They highlight the development of an open-source project aimed at virtualizing wireless labs, which allows learners to practice wireless hacking techniques without needing physical hardware.
Why Your Org Needs a Penetration Test Program
This webcast originally aired on February 27, 2025. Join us for a very special free one-hour Black Hills Information Security webcast with Corey Ham & Kelli Tarala on why your […]