From High School to Cyber Ninja—For Free (Almost)!
| Carrie Roberts // Guest Author Carrie Roberts is an Antisyphon instructor and experienced cyber security professional who has mentored many on their journey into cyber. My name is Carrie […]
Augmenting Security Testing and Analysis Activities with Microsoft 365 Products
Use of Microsoft 365 products in security testing is not a new concept. For a long time, I’ve incorporated various activities using Office products into my testing regimen. In the […]
DLL Jmping: Old Hollow Trampolines in Windows DLL Land
DLL hollowing is an age-old technique used by malware authors to have a memory-backed shellcode. However, defensive mechanisms like CFG and XFG have made it incredibly difficult to implement such […]
Abusing Active Directory Certificate Services (Part 4)
Start this blog series from the beginning here: PART 1 Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise environment. In this article, we will […]
Offensive IoT for Red Team Implants (Part 3)
This is part three of the blog series, Offensive IoT for Red Team Implants. We will be building off from where we left off in the last post, which can […]
Introducing Squeegee: The Microsoft Windows RDP Scraping Utility
Hi, it’s David with BHIS! You’ll be saying, “Wow,” every time you use this tool. It’s like a shammy. It’s like a towel. It’s like a sponge. A regular towel […]
Offensive IoT for Red Team Implants (Part 2)
This is Part Two of the blog series, Offensive IoT for Red Team Implants, so if you have not read PART ONE, I would encourage you do to so first […]
Offensive IoT for Red Team Implants – Part 1
This is part one of a multipart blog series on researching a new generation of hardware implants and how using solutions from the world of IoT can unleash new capabilities. […]
At Home Detection Engineering Lab for Beginners
| Niccolo Arboleda | Guest Author Niccolo Arboleda is a cybersecurity enthusiast and student at the University of Toronto. He is usually found in his home lab studying different cybersecurity […]