Blog - Black Hills Information Security

00387_05112019_PODCAST_Weaponizing_Intel

Password Spray, Phishing, Podcasts, Recon, Red Team, Red Team Tools, Social Engineering Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Podcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester performs up front. Often times testers only resort to using publicly available tools which can overlook critical assets. Download slides: http://www.activecountermeasures.com/presentations/ In this one-hour BHIS podcast […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

How-To, Red Team, Webcasts, Wireless Exfil, Hardware, Paul Clark, Red Team, Software Defined Radio, Wireless

Webcast: Building a Small and Flexible Wireless Exfiltration Box with SDR

Paul Clark// Do you want to know how we learned Software Defined Radio? We learned it from Paul. We also learned by getting our hands dirty with projects. For this webcast (originally recorded live on 4/11/19) , we sit down with Paul as he builds a wireless data exfil box from scratch. It is going […]

Read the entire post here

How-To, Phishing, Recon, Red Team, Red Team Tools, Social Engineering, Webcasts Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Webcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Read the entire post here

How-To, Informational, Red Team How to, Michael Allen, Payload, Red Team, Rubber Ducky, Scan Codes, Teensy, Weaponize, yubikey

How to Weaponize the Yubikey

Michael Allen// A couple years ago, I had a YubiKey that was affected by a security vulnerability, and to fix the issue, Yubico sent me a brand new YubiKey for free. Since I didn’t use the old YubiKey for authentication after receiving the new one, I decided to see if I could turn it into […]

Read the entire post here

C2, External/Internal, How-To, Informational, LLMNR, Password Cracking, Password Spray, Phishing, Recon, Red Team, Red Team Tools, Webcasts Attack Tactics, crackmapexec, Ethical Hacking, HTA, john strand, Jordan Drysdale, Kent Ickler, LLMNR, MailSniper, Password cracking, password spraying, pen-testing, phishing

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – Mailsniper, Retrieve Global Access List21:58 – Lateral Movement, OWA, VPN, SSH27:05 – Scanning/Enumeration, Nmap SSH Brute Force, “Find Open”, Movement, Gaining Access34:07 – Gaining Access, […]

Read the entire post here

External/Internal, How-To, Informational, LLMNR, Red Team exploit, How to, Jordan Drysdale, LLMNR, Red Team, SMB Message Signing

An SMB Relay Race – How To Exploit LLMNR and SMB Message Signing for Fun and Profit

Jordan Drysdale// This is basically a slight update and rip off of Marcello’s work out here: https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html /tl;dr – Zero to DA on an environment through an exposed OWA and a single factor VPN. An overview of the techniques is chopped from further down, and the attack summary, exists twice in this document: Identify network […]

Read the entire post here

Blue Team, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101 Blue Team, cloud, Google, Red Team

How to Purge Google and Start Over – Part 2

Mike Felch// How to Purge Google and Start Over – Part 1 Brief Recap In part 1, we discussed a red team engagement that went south when the Google SOC joined forces with the SOC of a customer leading to the dismantling of all our compromised accounts, throw-away accounts, and even my work account. My […]

Read the entire post here

Blue Team, General InfoSec Tips & Tricks, How-To, Informational Blue Team, cloud, Google, Mike Felch, privacy, Red Team

How to Purge Google and Start Over – Part 1

Mike Felch// A Tale of Blue Destroying Red Let me start by sharing a story about a fairly recent red team engagement against a highly-secured technical customer that didn’t end so well for me. Their SOC was well-equipped with sophisticated in-house anomaly detection tools, incredible visibility across the organization, and a tenacious incident response team. […]

Read the entire post here

How-To, Informational, InfoSec 101, Webcasts Joff Thyer, Python2, Python3, SEC573, UTF-8

BHIS Webcast: Py2k20 – Transitioning from Python2 to Python3

Joff Thyer// In this webcast, we talk about the 2020 End of Life for Python2. We address what the short, and medium term impacts will likely be. Key language differences will be highlighted with techniques to modify your code to be forward compatible. Download slides: https://www.activecountermeasures.com/presentations/ As a SANS instructor teaching SEC573: Automating Information Security […]

Read the entire post here