Hello and welcome! My name is John Strand. In this video, we’re going to be talking about using SpiderTrap to entrap and ensnare any web application pentesters or hackers that are trying to come into your web applications. Now, for this particular video, we’re going to be using the Active Defense Harbinger Distribution, or ADHD, […]
The team at Black Hills Information Security and Wild West Hackin’ Fest had to pivot from doing an in-person information security conference in San Diego to a 100% virtual conference with 6 days of notice. We had a little bit of experience doing a hybrid in-person/virtual conference in November 2019 (with 10 days’ notice). The […]
Podcast: Play in new window | Download
David Fletcher // With so many organizations transitioning to remote work in order to stem the tide of COVID-19 infections, we wanted to cover some of the configuration elements you should be considering to ensure that your network perimeter is properly protected. Employee remote access is often a target for attackers looking to gain initial […]
Hello and welcome! My name is John Strand, and in this video, we’re going to be talking about tripwire Honeyports. Now, this is a lab that’s used in ADHD. This is the virtual machine that we use in my classes that we teach at Wild West Hackin’ Fest and also at Black Hat. But in […]
Hello and welcome, my name is John Strand and in this video, we’re going to be talking about RITA, Real Intelligence Threat Analytics and how it can quickly do DNS analysis to find DNS backdoors in your environment. So once again we are using ADHD, if you want to find ADHD just go to ActiveCountermeasures.com […]
In this webcast, we will cover what we can do if we think there is a breach on our network. We will cover live forensics, cool PowerShell scripts, network, and event log analysis, cool IR spreadsheets, and checklists. We will also be covering the status of our ELK project for reviewing Event ID 3 from […]
Podcast: Play in new window | Download
Ray Felch // Preface: Following the work of the Bastille Research Group (See: https://github.com/BastilleResearch/mousejack), I was interested in knowing if these (keyboard injection) vulnerabilities were still valid. To my surprise, I was able to duplicate the attack on an inexpensive Logitech keyboard that I already had in my possession. This keyboard (Logitech K400r) is still […]
Hello and welcome, my name is John Strand and in this video, we’re going to be talking a little bit about beaconing using RITA. Now, for this particular video, I’m not using the security onion, instead we’re going to be using ADHD. If you want to find ADHD, go to the ActiveCountermeasures.com website. Go to […]
Hello and welcome, my name is John Strand and in this video, we’re going to be getting started with Wireshark. Now, Wireshark is very similar to TCPDump, in fact, a lot of people actually prefer Wireshark to TCPDump, but I look at them as two completely different utilities. TCPDump is fantastic for creating scripts, going […]
