Carrie Roberts*// I’m a red teamer, I love my job but I spend way too much time at a desk in front of a computer. This year I wanted to find a way to continue spending a lot of time at the computer without letting my physical health decline. This article will describe my journey […]
Yes.. Ethical Hacker Kids. The holidays are coming up! Here John & Jordan cover the different games, tools and gifts we can give kids that help teach them the trade. There is nothing, nothing like sitting around with family picking locks, learning to code and helping kids through the latest Holiday Hack Challenge. And!! We […]
Podcast: Play in new window | Download
John Strand & Jordan Drysdale// Yes.. Ethical Hacker Kids. The holidays are coming up! Here John & Jordan cover the different games, tools and gifts we can give kids that help teach them the trade. There is nothing, nothing like sitting around with family picking locks, learning to code and helping kids through the latest […]
Darin Roberts// In previous blogs I have shown how to get various C2 sessions. In this blog, I will be showing how to do C2 over ICMP. First, what is ICMP? ICMP is Internet Control Message Protocol. It allows internet connected devices to send error messages back to the source IP address when problems in […]
Joff Thyer// Many of you have probably already looked at Beau Bullock’s fine blog entry on a penetration testing dropbox. Beau has some excellent guidance on how to build the base dropbox platform using different platforms. In this case, I selected the ODroid-C2 platform running KALI (ARM) edition and am going to extend upon that […]
Over the past few months, we have discovered a couple trends that organizations seem to be missing. No silver bullets, just some general vulnerability issues we are seeing again and again. In this podcast, Jordan & Kent give a few pointers and some new tools to help the blue team stay on top of these […]
Podcast: Play in new window | Download
Kent Ickler & Jordan Drysdale // Preface We had a sysadmin and security professional “AA” meeting on November 8, 2018. We met and discussed things that seem to be painfully slow to take hold in our organizations; patching, regular scanning, even just finding time to manage our inventory. Slides available here: https://blackhillsinformationsecurity.shootproof.com/gallery/7945173/ Five Things (That Seriously […]
Jordan Drysdale// tl;dr Cisco Smart Install is awesome (on by default)…for hackers… not sysadmins. So, you Nessus too? Criticals and highs are all that matter! Right??? Until this beauty came along, but wait….this isn’t Critical or High. Let’s just ignore it. What can we do with this thing? Download config Upload config Execute commands […]
Bronwen Aker* // For those of you not fortunate enough to attend, this year’s Wild West Hackin’ Fest (WWHF) was phenomenal, featuring speakers from diverse aspects of information security, workshops, labs, and a killer CTF, all taking place at the Deadwood Mountain Grand, a Holiday Inn Resort Hotel, Casino, Spa and Event Center. In spite […]
