Ray Felch // Introduction While packing up my KeyWe Smart Lock accessories, and after wrapping up my research and two previous blogs “Reverse Engineering a Smart Lock” and “Machine-in-the-Middle BLE Attack”, I came across a couple of KeyWe RFID tags. Although I was somewhat already familiar with RFID (Radio Frequency ID) technology, I decided this […]
Jordan Drysdale // tl;dr SILENTTRINITY (ST) is one of our favorite C2 tools at BHIS. It’s multiplayer, modern, and multiserver. The code has been revised significantly of late, especially the installation… and the instructions in the original blog I wrote are no longer accurate. https://www.blackhillsinfosec.com/my-first-joyride-with-silenttrinity/ Also, please read the call to arms. Help and support […]
Are you responsible for the security of webapps? Are you curious about how penetration testers are able to find vulnerabilities in them? Burp Suite is the preferred tool for many webapp pentesters and bug bounty hunters. It’s easy to get started in Burp, but not all of its features are easy to find or simple […]
Podcast: Play in new window | Download
Subscribe: RSS
Have you ever tried packaging a Python library/app in order to upload it to the Python Package repository (Pypi)? Not so straight forward is it? There’s a gazillion files you need (setup.py, Manifiest.ini, etc..) which all do different things. On top of that, there’s a decent amount of overhead to configure the necessary settings in […]
Podcast: Play in new window | Download
Subscribe: RSS
Jordan Drysdale // tl;dr Sentinel is easy! Especially when using Azure Sentinel To-Go. So, let’s do some threat research by deploying Sentinel To-Go and executing a Cobalt Strike beacon. Link: https://github.com/OTRF/Azure-Sentinel2Go Keeping up with Roberto’s (and his brother, and the OTRF contributors) is as monumental a task as his efforts to push threat research forward. […]
Jordan Drysdale // TL;DR The problem with a pentester’s perspective on defense, hunting, and security: Lab demographics versus scale. If it costs $15 bucks per month per server for me to get ATP data, demo its effectiveness, provide tips, tricks, and some basic guidance to the world, this is affordable. Deploying ATP on 5,000 virtual […]
Ray Felch // Introduction Continuing with my ongoing Smart Lock attack research (see blog Reverse Engineering a Smart Lock), I decided to move my focus to a different type of attack technique, namely a relay attack. The relay attack is a form of MitM attack, not to be confused with the more well-known replay attack. […]
Many people get started in security as a Security Operations Center (SOC) analyst. In this Black Hills Information Security (BHIS) webcast we discuss the core skills that a SOC analyst needs in order to be successful. Trust us, these skills are more than just watching the SIEM and letting the SOAR platform handle everything through […]
Podcast: Play in new window | Download
Subscribe: RSS
Carrie & Darin Roberts // If you would like to install the Mitre CALDERA server on your own, the CALDERA GitHub page has installation instructions on their ReadMe here. Detailed steps are provided below for installing CALDERA on Ubuntu and configuring it to use your SSL certification. Clone the Repository git clone https://github.com/mitre/caldera.git –recursive –branch […]
