Start to Finish: Configuring an Android Phone for Pentesting
Jeff Barbi // *Guest Post Background Unless you’re pentesting mobile apps consistently, it’s easy for your methodologies to fall out of date. Each new version of Android brings with it […]
Forward into 2023: Browser and O/S Security Features
Joff Thyer // Introduction We have already arrived at the end of 2022; wow, that was fast. As with any industry or aspect of life, we find ourselves peering into […]
Talkin’ About Infosec News – 12/21/2022
00:00 – PreShow Banter™ — Talkin’ Bout [Elon] News00:51 – BHIS – Talkin’ Bout [infosec] News 2022-12-1902:46 – Story # 1: Antivirus and EDR solutions tricked into acting as data […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
SNMP… Strings Attached!
Dale Hobbs // One thing that I almost always find when performing an internal network penetration test is Simple Network Management Protocol (SNMP) configured with default community strings. Simple Network […]
PlumHound Reporting Engine for BloodHoundAD
Kent Ickler // It’s been over two years since Jordan and I talked about a Blue Team’s perspective on Red Team tools. A Blue Team’s Perspective on Red Team Hack […]
New PowerShell History Defense Evasion Technique
Carrie Roberts // PowerShell incorporates the handy feature of writing commands executed to a file to make them easy to refer back to later. This functionality is provided by the […]
Webcast: Firmware Enumeration Using Open Source Tools w/ Paul Asadoorian
In this Black Hills Information Security (BHIS) webcast, Paul will share free and open-source tools and techniques to evaluate the state of security on the firmware-based devices that live inside […]
Webcast: Pentester Tactics, Techniques, and Procedures TTPs w/ Chris Traynor
Penetration Testing is often considered a dark art that’s shrouded in mystery. This unfortunate perception can hold back organizations from being more secure and keep people from an exciting career. […]