Want to learn HOW TO do something? This is a great place to start!

BHIS PODCAST: Tracking attackers. Why attribution matters and how to do it.
In this BHIS podcast, originally recorded as a live webcast, we cover some new techniques and tactics on how to track attackers via various honey tokens. We cover how to track with Word Web Bugs in ADHD, and cover the awesome toolkit from Thinkst. We also cover some of the legal ramifications involved in doing […]
Podcast: Play in new window | Download
Subscribe: RSS

Introducing MailSniper: A Tool For Searching Every User’s Email for Sensitive Data
Beau Bullock // TL;DR MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an Exchange administrator to search the mailboxes of every user in […]

WEBCAST: Sacred Cash Cow Tipping 2016
John Strand with BHIS testers // Yes, we did this in 2017, but it’s reflecting work done in 2016.

Hacking Like It’s 1999
Lawrence Hoffman // Last week a friend stopped by my desk with a worried look on his face. He knelt down and showed me the screen of his laptop where there was a virtual terminal open: After looking I asked what the system did, he said it was just a GitLab server for a personal […]

Domain User Enumeration
Chevy Swanson // Everyone loves being able to speed up their work with custom tools, but the clear problem is that computers are a bit too fussy about everything being perfect and exact. One very specific place where this problem comes up is when working with users on a domain. No matter how you try to […]

PODCAST: Active Directory Best Practices that Frustrate Pentesters
// Jordan Drysdale and Kent Ickler talk about Best Practices for setting up Active Directory. Bre joins as fake Sierra to host and ask questions from the audience since real Sierra was on vacation. See the webcast and Kent’s show notes here.
Podcast: Play in new window | Download
Subscribe: RSS

Webcast: Attack Tactics 7 – The Logs You Are Looking For
Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics7LogsYouAreLookingFor.pdf So we went through an attack in the BHIS Webcast, “Attack Tactics 5! Zero to Hero Attack.” Then we went through the defenses in a follow-up webcast, “Attack Tactics 6! Return of the Blue Team,” and now we need to have a talk about logs. Here […]

Empire Resource Files and Auto Runs
Carrie Roberts* // I have added resource file and autorun functionality to PowerShell Empire. Empire now has the ability to run multiple commands at once by specifying the commands in a resource file. You can use this feature to automate the startup of your listeners and perform other tasks. In addition, you can specify multiple […]