Black Hills Information Security, Inc.
RSS
  • All Services
    • Penetration Testing
    • Continuous Penetration Testing
    • Web Application Testing
    • Active SOC
    • Fusion PenTest
    • AI Security Assessments
    • Incident Response
    • Blue Team Services
    • Blockchain Security
    • High-Profile Risk Assessments
    • Complete Service Guide
  • Contact Us
    • Contact Us
    • Email Sign-Up
  • About Us
    • Security Consultants
    • Admin Team
    • Active SOC Team
    • Antisyphon Training
    • BHIS Tribe of Companies
  • Free Resources
    • Blogs
    • Free Cybersecurity Tools
    • Free Cybersecurity Webcasts
    • Podcasts
    • RITA
  • Training
    • BHIS & Antisyphon Training
    • WWHF Conference
  • Community
    • Discord
    • LinkedIn
    • YouTube
    • Bluesky
    • Twitter/X
    • Upcoming Events
  • Fun Stuff
    • Backdoors & Breaches
    • Merch, Zines & More
    • PROMPT# Zine
    • REKCAH
    • Books
BLOG_chalkboard_00709

Brian Fehrman, How-To, Informational AI, Artificial Intelligence, LangChain, LangSmith, Large Language Models, LLM, Machine Learning, Ollama, RAG, Retrieval-Augmented Generation

Avoiding Dirty RAGs: Retrieval-Augmented Generation with Ollama and LangChain

RAG connects pre-trained LLMs with current data sources. Moreover, a RAG system can use many data sources.

Read the entire post here
BLOG_chalkboard_00708

External/Internal, How-To, Informational, Nick Caswell, Phishing, Red Team, Red Team Tools, Social Engineering GoPhish, Mail Security, Phishing Campaign

Gone Phishing: Installing GoPhish and Creating a Campaign

GoPhish provides a nice platform for creating and running phishing campaigns. This blog will guide you through installing GoPhish and creating a campaign. 

Read the entire post here
Rant_header

Blue Team, Incident Response, John Strand, Red Team, Webcast Wrap-Up AI, cloud, penetration testing

5 Things We Are Going to Continue to Ignore in 2025

In this video, John Strand discusses the complexities and challenges of penetration testing, emphasizing that it goes beyond just finding and exploiting vulnerabilities.

Read the entire post here
promptplan_header (1)

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, John Strand Infosec for Beginners, PROMPT#, SOC Issue

John Strand’s 5 Phase Plan For Starting in Computer Security

This article was originally published in the SOC Issue of our PROMPT# zine, which you can read for free HERE. The information was adapted from the 2018 webcast “John Strand’s […]

Read the entire post here
promptthreat_header

Hunt Teaming, Informational, InfoSec 101 Beginner, On the Hunt, PROMPT#, Q&A, threat hunting

Questions From a Beginner Threat Hunter

Answered by Chris Brenton of Active Countermeasures | Questions compiled from the infosec community by Shelby Perry This article was originally published in the Threat Hunting issue of our infosec […]

Read the entire post here
WC_wrap-up_W0015

CJ Cox, GRC, Wrap-Up Compliance, Governance, Kelli Tarala, Risk

GRC for Security Managers: From Checklists to Influence

This webcast was originally aired on January 16, 2025. In this video, Kelli K. Tarala and CJ Cox discuss the challenges and strategies for improving governance, risk, and compliance (GRC) […]

Read the entire post here
BLOG_chalkboard_00706

How-To, Informational, InfoSec 301, Joff Thyer AI, AI Model Training, LLM

AI Large Language Models and Supervised Fine Tuning

This blog post is aimed at the intermediate level learner in the fields of data science and artificial intelligence. If you would like to read up on some fundamentals, here […]

Read the entire post here
WC_wrap-up_W0014

Informational, Jordan Drysdale, Kent Ickler, Red Team Active Directory, AD, penetration testing, Pentesting, Shadow Credentials

Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan

In this video, Kent Ickler and Jordan Drysdale discuss Attack Tactics 9: Shadow Credentials for Primaries, focusing on a specific technique used in penetration testing services at Black Hills Information Security

Read the entire post here
AD_Warning_header

Blue Team, Blue Team Tools, How-To, Informational, InfoSec 201, Jordan Drysdale

One Active Directory Account Can Be Your Best Early Warning

Here we go again, discussing Active Directory, hacking, and detection engineering. tl;dr: One AD account can provide you with three detections that if implemented properly will catch common adversarial activities […]

Read the entire post here
«‹ 9 10 11 12›»

Looking For Something?

Browse by category

Recent Posts

  • webapp_headerFinding and Addressing Vulnerable and Outdated Web Application Components
    Vulnerable and outdated software components are one of
  • egress_headerInsufficient Egress Filtering: How Weak Outbound Controls Enable Attacks
    Insufficient egress filtering is a commonly identified
  • _aipentest_headerEveryone’s Selling AI That Kills Pentesting. We Built One That Doesn’t.
    What we built, Fusion AI, runs at about a third the

Browse by topic

Active Directory ADHD AI anti-virus Attack Tactics AV Beau Bullock BHIS Blue Team C2 Carrie Roberts cloud Cyber Deception hacking infosec Infosec for Beginners InfoSec Survival Guide Joff Thyer john strand Jordan Drysdale Kent Ickler Kerberos Linux MailSniper Malware Microsoft Nessus Nmap passwords password spraying pen-testing penetration testing pentest Pentesting phishing PowerShell Python Red Team red teaming RITA Sysmon tools webcast webcasts Windows

Archives

Back to top
Black Hills Information Security, Inc.

890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447)
© 2008


About Us | BHIS Tribe of Companies | Privacy Policy | Contact

Links
  • YouTube
  • LinkedIn
  • Bluesky
  • Discord
  • X
  • iTunes
Search the site