Blue Team, DFIR, General InfoSec Tips & Tricks, Hal Denton, How-To, Informational Digital Forensics and Incident Response, Master Boot Record

Who’s Bootin’? Dissecting the Master Boot Record

Hal Denton // Have you ever been given an encrypted hard drive to perform forensic analysis on? What could go wrong? Probably the first thought rolling through your mind is […]

Read the entire post here

External/Internal, How-To, Mobile, Password Spray, Red Team, Sean Verity, Web App

How to Build a Pentest Robot With Selenium IDE

Have you ever been on a pentest and thought to yourself, “I wish I had a robot to do this testing for me right now cuz this is just too much work”?

Read the entire post here

Daniel Pizarro, External/Internal, General InfoSec Tips & Tricks, Informational, LLMNR, Password Cracking, Password Spray, Recon, Red Team, Red Team Tools, Web App Cybersecurity Certification, PNPT

PNPT: Certification Review

Daniel Pizarro // What is the PNPT?  The Practical Network Penetration Tester (PNPT), created by TCM Security (TCMS), is a 5-day ethical hacking certification exam that assesses a pentester’s ability […]

Read the entire post here

How-To, Mobile Android, android hacking, mobile hacking, penetration testing, Pentesting, walkthrough

Start to Finish: Configuring an Android Phone for Pentesting

Jeff Barbi // *Guest Post Background Unless you’re pentesting mobile apps consistently, it’s easy for your methodologies to fall out of date. Each new version of Android brings with it […]

Read the entire post here

General InfoSec Tips & Tricks, Informational, Joff Thyer, Red Team, Web App

Forward into 2023: Browser and O/S Security Features 

Joff Thyer // Introduction We have already arrived at the end of 2022; wow, that was fast. As with any industry or aspect of life, we find ourselves peering into […]

Read the entire post here

Informational

Talkin’ About Infosec News – 12/21/2022

00:00 – PreShow Banter™ — Talkin’ Bout [Elon] News00:51 – BHIS – Talkin’ Bout [infosec] News 2022-12-1902:46 – Story # 1: Antivirus and EDR solutions tricked into acting as data […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Dale Hobbs, External/Internal, How-To, Informational, InfoSec 201, Recon Community Strings, Default, SNMP

SNMP… Strings Attached!

Dale Hobbs // One thing that I almost always find when performing an internal network penetration test is Simple Network Management Protocol (SNMP) configured with default community strings. Simple Network […]

Read the entire post here

Author, Blue Team, Informational, Kent Ickler Active Directory, bloodhound, BloodHoundAD, Control Paths, Domains, PlumHound, Purple Team, reports, System Administration

PlumHound Reporting Engine for BloodHoundAD

Kent Ickler // It’s been over two years since Jordan and I talked about a Blue Team’s perspective on Red Team tools.   A Blue Team’s Perspective on Red Team Hack […]

Read the entire post here

Blue Team, Carrie Roberts, General InfoSec Tips & Tricks, Informational, InfoSec 101, Recon, Red Team

New PowerShell History Defense Evasion Technique

Carrie Roberts // PowerShell incorporates the handy feature of writing commands executed to a file to make them easy to refer back to later. This functionality is provided by the […]

Read the entire post here