Black Hills Information Security, Inc.
RSS
  • About Us
    • Security Analysts
    • Admin
    • SOC Team
    • Interns
    • BHIS Family of Companies
  • Contact
    • Contact Us
    • Email Sign-Up
  • Services
    • Complete Service Guide
    • Active SOC
    • AI Security Assessments
    • Blockchain Security
    • Blue Team Services
    • Continuous Penetration Testing
    • High-Profile Risk Assessments
    • Incident Response
    • Penetration Testing
  • Tools
    • Free Cybersecurity Tools
    • RITA
    • REKCAH
  • Learn
    • Backdoors & Breaches
    • Blogs
    • Free Cybersecurity Webcasts
    • Podcasts
    • PROMPT# Zine
    • Books
  • Community
    • Discord
    • LinkedIn
    • T-Shirts & Hoodies
    • Twitter
    • Upcoming Events
    • YouTube
  • Training
  • WWHF
BLOG_chalkboard_00717 (1)

Blue Team, Dale Hobbs, Informational, InfoSec 101 Boardroom Cybersecurity, Business-Driven Security, C-Suite Engagement, Cyber Risk Awareness, Cybersecurity Communication, Executive Buy-In, Financial Impact of Cybersecurity, Risk Management, Security Leadership, Security Strategy

Communicating Security to the C-Suite: A Strategic Approach 

Engaging with the C-suite is not just about addressing security concerns or defending budget requests. It’s about establishing and maintaining an ongoing discussion that aims to align security objectives with the interests of the business.  

Read the entire post here
BLOG_chalkboard_00716

Ben Bowman, How-To, Informational, Red Team, Red Team Tools Forensics, Memory Forensics, Volatility

Offline Memory Forensics With Volatility

Volatility is a memory forensics tool that can pull SAM hashes from a vmem file. These hashes can be used to escalate from a local user or no user to a domain user leading to further compromise.

Read the entire post here
Getting Started with AI Hacking

Brian Fehrman, How-To AI, AI Hacking, Artificial Intelligence, Hacking Classifiers, Machine Learning

Getting Started with AI Hacking: Part 1

You may have read some of our previous blog posts on Artificial Intelligence (AI). We discussed things like using PyRIT to help automate attacks. We also covered the dangers of […]

Read the entire post here
BLOG_chalkboard_00714

Ben Bowman, Blue Team, Blue Team Tools, External/Internal, Web App Cyber Deception, Deceptive Tooling, Go-Spoof

Go-Spoof: A Tool for Cyber Deception

Go-Spoof brings an old tool to a new language. The Golang rewrite [of Portspoof] provides similar efficiency and all the same features of the previous tool but with easier setup and useability.

Read the entire post here
AitM_header

How-To, Michael Allen, Webcast Wrap-Up Adversary-in-the-Middle, MFA, Multi-Factor Authentication

How to Test Adversary-in-the-Middle Without Hacking Tools

In this video, Michael Allen discusses how to test Adversary-in-the-Middle attacks without using hacking tools. He delves into the intricacies of credential harvesting, the evolution of multi-factor authentication (MFA), and how attackers adapt their strategies to bypass security measures.

Read the entire post here
BLOG_chalkboard_00712

Blue Team, Blue Team Tools, How-To, Informational, Jack Hyland, Web App cross-site scripting, xsscanary

Canary in the Code: Alert()-ing on XSS Exploits

I’ve been a web application pentester for a while now and over the years must have found hundreds of cross-site scripting (XSS) vulnerabilities.1 Cross-site scripting is a notoriously difficult problem […]

Read the entire post here
WC_wrap-up_W0020

Ben Bowman, How-To, Informational, John Strand, Red Team Tools, Webcast Wrap-Up Joseph Boyd, Wi-Fi Forge

How to Hack Wi-Fi with No Wi-Fi

In this video, John Strand and his team discuss the challenges of setting up and running wireless labs, particularly focusing on the issues faced during Wild West Hackin’ Fest events. They highlight the development of an open-source project aimed at virtualizing wireless labs, which allows learners to practice wireless hacking techniques without needing physical hardware.

Read the entire post here
WC_wrap-up_W0019

Corey Ham, External/Internal, GRC, Red Team, Webcast Wrap-Up Kelli Tarala, penetration testing, pentest

Why Your Org Needs a Penetration Test Program

This webcast originally aired on February 27, 2025. Join us for a very special free one-hour Black Hills Information Security webcast with Corey Ham & Kelli Tarala on why your […]

Read the entire post here
BLOG_chalkboard_00711

Chris Sullo, General InfoSec Tips & Tricks, Web App Burp Suite, Copy For

Burp Suite Extension: Copy For 

If you’ve ever had to take a request from Burp and turn it into a command line, especially for jwt_tool.py, you know it can be painful—but no more! The “Copy For” extension is here to save valuable time. 

Read the entire post here
‹ 1 2 3 4›»

Looking For Something?

Browse by category

Recent Posts

  • How to Design and Execute Effective Social Engineering Attacks by PhoneHow to Design and Execute Effective Social Engineering Attacks by Phone
    Social engineering is the manipulation of individuals
  • s4u2self_headerAbusing S4U2Self for Active Directory Pivoting
    TL;DR If you only have access to a valid machine hash,
  • macropad_headerWhy Use a Macro Pad?
    Compression is everywhere—in files, videos, storage,

Browse by topic

Active Directory ADHD AI anti-virus Attack Tactics AV Beau Bullock BHIS Blue Team bypassing AV C2 Carrie Roberts cloud Cyber Deception encryption hacking infosec Infosec for Beginners Joff Thyer john strand Jordan Drysdale Kent Ickler Linux MailSniper Microsoft Nessus passwords password spraying pen-testing penetration testing pentest Pentesting phishing podcast PowerShell Python Raymond Felch Red Team red teaming RITA Sysmon tools webcast webcasts Windows

Archives

Back to top
Black Hills Information Security, Inc.

890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447)
© 2008-2024


About Us | BHIS Tribe of Companies | Privacy Policy | Contact

Links
Search the site