Black Hills Information Security
Penetration testing for Fortune 50 companies since 2008.
  • About Us
    • Testers
    • Admin
    • Bounty Hunters
    • Interns
  • Contact
    • Contact Us
    • Email Sign-Up
  • Services
    • Penetration Testing
    • Active SOC
    • Blue Team Services
    • HTOC
    • Cyber Range
  • Projects/Tools
    • All Tools
    • RITA
    • Backdoors & Breaches
    • Books
  • Learn
    • Blog
    • Webcasts
    • Podcasts
    • Training
00500_12072020_JoyridingSILENTTRINITYUpdates

Fun & Games, How-To, Informational, InfoSec 101

Joyriding with SILENTTRINITY – UPDATES

Jordan Drysdale // tl;dr SILENTTRINITY (ST) is one of our favorite C2 tools at BHIS. It’s multiplayer, modern, and multiserver. The code has been revised significantly of late, especially the installation… and the instructions in the original blog I wrote are no longer accurate. https://www.blackhillsinfosec.com/my-first-joyride-with-silenttrinity/ Also, please read the call to arms. Help and support […]

Read the entire post here

00499_12082020_WebcastBurpSuite

How-To, Informational, Podcasts, Webcasts

Webcast: Getting Started with Burp Suite & Webapp Pentesting

Are you responsible for the security of webapps? Are you curious about how penetration testers are able to find vulnerabilities in them? Burp Suite is the preferred tool for many webapp pentesters and bug bounty hunters. It’s easy to get started in Burp, but not all of its features are easy to find or simple […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

00498_12032020_Webcast_PLPS2

Informational, Podcasts, Webcasts

Webcast: Pretty Little Python Secrets – Episode 2 – Python Development & Packaging as Beautiful as a Poem

Have you ever tried packaging a Python library/app in order to upload it to the Python Package repository (Pypi)? Not so straight forward is it? There’s a gazillion files you need (setup.py, Manifiest.ini, etc..) which all do different things. On top of that, there’s a decent amount of overhead to configure the necessary settings in […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Azure Sentinel Quick-Deploy with Cyb3rWard0g’s Sentinel To-Go – Let’s Catch Cobalt Strike!

How-To, Informational, InfoSec 101

Azure Sentinel Quick-Deploy with Cyb3rWard0g’s Sentinel To-Go – Let’s Catch Cobalt Strike!

Jordan Drysdale // tl;dr Sentinel is easy! Especially when using Azure Sentinel To-Go. So, let’s do some threat research by deploying Sentinel To-Go and executing a Cobalt Strike beacon. Link: https://github.com/OTRF/Azure-Sentinel2Go Keeping up with Roberto’s (and his brother, and the OTRF contributors) is as monumental a task as his efforts to push threat research forward. […]

Read the entire post here

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 11/30/2020

Originally aired on November 30, 2020 Articles discussed in this episode: https://www.computerweekly.com/news/252491324/Surge-in-Ryuk-ransomware-attacks-has-hospitals-on-alert https://www.baltimoresun.com/maryland/baltimore-county/bs-md-co-what-to-know-schools-ransomware-attack-20201130-2j3ws6yffzcrrkfzzf3m43zxma-story.html https://www.darknet.org.uk/2020/10/fuzzilli-javascript-engine-fuzzing-library

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 11/19/2020

Originally aired on November 19, 2020 Articles discussed in this episode: https://duo.com/blog/the-great-dns-vulnerability-of-2008-by-dan-kaminsky https://blog.cloudflare.com/sad-dns-explained

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

00494_11232020_AzureSecurityBasics

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101

Azure Security Basics: Log Analytics, Security Center, and Sentinel

Jordan Drysdale // TL;DR The problem with a pentester’s perspective on defense, hunting, and security: Lab demographics versus scale.  If it costs $15 bucks per month per server for me to get ATP data, demo its effectiveness, provide tips, tricks, and some basic guidance to the world, this is affordable. Deploying ATP on 5,000 virtual […]

Read the entire post here

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 11/11/2020

Originally aired on November 11, 2020 Articles discussed in this episode: https://www.darkreading.com/attacks-breaches/malware-hidden-in-encrypted-traffic-surges-amid-pandemic/d/d-id/1339420 https://threatpost.com/millions-hotel-guests-worldwide-data-leak/161044/

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 11/09/2020

Originally aired on 11/09/2020 Articles discussed in this episode: https://www.darkreading.com/threat-intelligence/6-ways-passwords-fail-basic-security-tests/d/d-id/1339299 https://www.infosecurity-magazine.com/news/national-guard-uvm-health-network/ https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

‹ 1 2 3 4 5 ›»

Follow Us

Looking For Something?

Subscribe to the BHISblog

Don't get left in the dark! Enter your email address and every time a post goes live you'll get instant notification! We'll also add you to our webcast list, so you won't miss our occasional emails about upcoming events! (We promise, we're not spammy!)

Browse by category

Recent Posts

  • Talkin’ About Infosec News – 1/20/2021
    ORIGINALLY AIRED ON JANUARY 20, 2021 Articles
  • 00507_01152021_WebcastMoveAssideScriptKiddiesWebcast: Move Aside Script Kiddies – Malware Execution in the Age of Advanced Defenses
    A few short years ago, penetration testers did not
  • Talkin’ About Infosec News – 1/13/2021
    Originally aired on January 13, 2021 Articles

Browse by topic

Active Directory ADHD anti-virus Attack Tactics AV Blue Team bypassing AV C2 cloud command and control hardware hacking Hashcat infosec john strand Jordan Drysdale Kent Ickler Linux LLMNR MailSniper Microsoft Nessus Nmap Password cracking password policy passwords password spraying pen-testing penetration testing pentest Pentesting phishing podcast Podcasts PowerShell Python Raymond Felch Red Team red teaming RITA social engineering Sysmon tools webcast webcasts Windows

Archives

Black Hills Information Security

115 W. Hudson St. Spearfish, SD 57783 | 701-484-BHIS
© 2008

Links
Search the site