Jordan Drysdale // tl;dr SILENTTRINITY (ST) is one of our favorite C2 tools at BHIS. It’s multiplayer, modern, and multiserver. The code has been revised significantly of late, especially the installation… and the instructions in the original blog I wrote are no longer accurate. https://www.blackhillsinfosec.com/my-first-joyride-with-silenttrinity/ Also, please read the call to arms. Help and support […]
Are you responsible for the security of webapps? Are you curious about how penetration testers are able to find vulnerabilities in them? Burp Suite is the preferred tool for many webapp pentesters and bug bounty hunters. It’s easy to get started in Burp, but not all of its features are easy to find or simple […]
Podcast: Play in new window | Download
Subscribe: RSS
Have you ever tried packaging a Python library/app in order to upload it to the Python Package repository (Pypi)? Not so straight forward is it? There’s a gazillion files you need (setup.py, Manifiest.ini, etc..) which all do different things. On top of that, there’s a decent amount of overhead to configure the necessary settings in […]
Podcast: Play in new window | Download
Subscribe: RSS
Jordan Drysdale // tl;dr Sentinel is easy! Especially when using Azure Sentinel To-Go. So, let’s do some threat research by deploying Sentinel To-Go and executing a Cobalt Strike beacon. Link: https://github.com/OTRF/Azure-Sentinel2Go Keeping up with Roberto’s (and his brother, and the OTRF contributors) is as monumental a task as his efforts to push threat research forward. […]
Originally aired on November 30, 2020 Articles discussed in this episode: https://www.computerweekly.com/news/252491324/Surge-in-Ryuk-ransomware-attacks-has-hospitals-on-alert https://www.baltimoresun.com/maryland/baltimore-county/bs-md-co-what-to-know-schools-ransomware-attack-20201130-2j3ws6yffzcrrkfzzf3m43zxma-story.html https://www.darknet.org.uk/2020/10/fuzzilli-javascript-engine-fuzzing-library
Podcast: Play in new window | Download
Subscribe: RSS
Originally aired on November 19, 2020 Articles discussed in this episode: https://duo.com/blog/the-great-dns-vulnerability-of-2008-by-dan-kaminsky https://blog.cloudflare.com/sad-dns-explained
Podcast: Play in new window | Download
Subscribe: RSS
Jordan Drysdale // TL;DR The problem with a pentester’s perspective on defense, hunting, and security: Lab demographics versus scale. If it costs $15 bucks per month per server for me to get ATP data, demo its effectiveness, provide tips, tricks, and some basic guidance to the world, this is affordable. Deploying ATP on 5,000 virtual […]
Originally aired on November 11, 2020 Articles discussed in this episode: https://www.darkreading.com/attacks-breaches/malware-hidden-in-encrypted-traffic-surges-amid-pandemic/d/d-id/1339420 https://threatpost.com/millions-hotel-guests-worldwide-data-leak/161044/
Podcast: Play in new window | Download
Subscribe: RSS
Originally aired on 11/09/2020 Articles discussed in this episode: https://www.darkreading.com/threat-intelligence/6-ways-passwords-fail-basic-security-tests/d/d-id/1339299 https://www.infosecurity-magazine.com/news/national-guard-uvm-health-network/ https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/
Podcast: Play in new window | Download
Subscribe: RSS
