Want to learn HOW TO do something? This is a great place to start!
Hardware Hacking with Shikra
Rick Wisser// Comparing Apples to Oranges (Bus Pirate vs Shikra) this a Hardware Hacking 101 webcast follow up blog post. I recently did a hardware hacking webcast on hacking a router with the Bus Pirate. The webcast can be found at https://www.blackhillsinfosec.com/webcast-hardware-hacking-101/. In the webcast I made a comment on how long it took to dump the firmware […]
Defusing a Bomb Through Trigger Bypasses and Sensors
Mike Felch // Meet ‘The Box’ Bomb For the last few years at the security conference DEF CON in Las Vegas, the Tamper Resistant Village has hosted a challenging contest called ‘The Box’ where contestants mimic an EOD technician in an attempt to defuse a bomb. The fake bomb consists of trigger sensors, traps, electronic components, and locks, that […]
WEBCAST: Attack Tactics Part 2
John Strand // This is the second part of our series about Attack Tactics, sponsored by our sister company, Active Countermeasures. In the first part we discussed how we’d attack. Now, we cover the same attack, but this time we are covering the defensive components the organization could have implemented to stop us every step […]
Bypassing Cylance: Part 3 – Netcat & Nishang ICMP C2 Channel
David Fletcher // The following techniques serve to illustrate methods for obtaining C2 communication in a particular Cylance protected environment. The configuration of the centralized infrastructure and the endpoint agents were not inspected prior to testing. The environment may exhibit configuration errors and may not conform with best practice for deployment of Cylance infrastructure. However, […]
How to Bypass Anti-Virus to Run Mimikatz
Carrie Roberts // * Would you like to run Mimikatz without Anti-Virus (AV) detecting it? Recently I attempted running the PowerShell script “Invoke-Mimikatz” from PowerSploit on my machine but it was flagged by Windows Defender as malicious when saving the file to disk. Even when I ran this file without writing it to disk using the […]
What’s trust among schoolchildren: Kerberos Authentication Explained
Logan Lembke // Kerberos authentication can be daunting but is an important protocol to understand for any IT professional, and especially important in the field of information security. While you may not hear about Kerberos often, you probably have heard about its largest implementation: Windows Active Directory. Since Windows 2000, Kerberos has been the default […]
Lawrence’s List 072216
Lawrence Hoffman // The list this week is a little shorter, I didn’t include a tool or POC link as I usually do. No particular reason, just didn’t run across one I felt like I could talk about directly. Among the articles this week we see legal actions, leaked data, an openssh user enumeration, and […]
WEBCAST: A Powerful New Tool – PowerLine!
Brian Fehrman // Running into environments where the use of PowerShell is being monitored or is just flat-out disabled? Have you tried out the fantastic PowerOps framework but are wishing you could use something similar via Meterpreter, Empire, or other C2 channels? Look no further! In this talk, Brian Fehrman talks about his new PowerLine […]
Go Ahead, Make Our Day
Sally Vandeven & the BHIS Team // I was recently on an assessment where I was able to grab all the password hashes from the domain controller. When I extracted the hashes and saw that they were storing LANMAN hashes alongside the NTLM hashes I thought to myself …. Wow. I LOVE my job! There are many moments […]
