Black Hills Information Security
Penetration testing for Fortune 50 companies since 2008.
RSS
  • About Us
    • Testers
    • Admin
    • SOC/HTOC Team
    • Partners
    • Interns
    • BHIS Tribe of Companies
  • Contact
    • Contact Us
    • Email Sign-Up
  • Services
    • Active SOC
    • Blockchain Security
    • Blue Team Services
    • Hunt Teaming (HTOC)
    • Incident Response
    • Penetration Testing
  • Projects/Tools
    • All Tools
    • RITA
    • Backdoors & Breaches
    • Books
    • REKCAH
  • Learn
    • Blog
    • Conference
    • Podcasts
    • PROMPT# Zine
    • Training
    • Upcoming Events
    • Webcasts
  • Community
    • Discord
    • LinkedIn
    • Swag Request
    • T-Shirts & Hoodies
    • Twitter
    • YouTube
OldDocCon

Fun & Games WWHF: Deadwood 2022

POGS at Wild West Hackin’ Fest! 

Ean Meyer // This post is for attendees of Wild West Hackin’ Fest: Deadwood 2022 POGs? Yes, POGs! If you aren’t familiar with POGs, this game started decades ago, reaching […]

Read the entire post here

Why You Really Need to Stop Disabling UAC

Author, Blue Team, Noah Heckman Administration, UAC, Windows

Why You Really Need to Stop Disabling UAC

Noah Heckman // Windows Vista didn’t have many fans in the Windows community (to put it lightly). It beaconed in a new user interface, file structure, and a bunch of […]

Read the entire post here

BLOG_chalkboard_00603

Blue Team, General InfoSec Tips & Tricks, Informational, InfoSec 101, Red Team Carrie Roberts, PowerShell

Constrained Language Mode Bypass When __PSLockDownPolicy Is Used

Carrie Roberts // PowerShell’s Constrained Language (CLM) mode limits the functionality available to users to reduce the attack surface. It is meant to be used in conjunction with application control […]

Read the entire post here

BLOG_chalkboard_00602

Red Team, Red Team Tools AceLdr, cobalt strike, evasion, FOLIAGE, gargoyle, Malware, moneta, pe-sieve, yara

Avoiding Memory Scanners

Kyle Avery // Introduction This post compliments a presentation I gave at DEF CON 30 – “Avoiding Memory Scanners: Customizing Malware to Evade YARA, PE-sieve, and More,” which included the […]

Read the entire post here

BLOG_chalkboard_00601

Author, Fun & Games, How-To, Informational, Ray Felch

So You Want to Build a Conference Hardware Badge!

Ray Felch // Recently, it was suggested that it would be cool to create a hardware badge for one of the upcoming InfoSec conferences. Admittedly, I have a pretty solid […]

Read the entire post here

BLOG_chalkboard_00600

Informational C, Linux, Linux Kernel

Linux System Call Monitoring 

moth // I’ve been diving deep into Linux lately, with my latest kick being exploring the Linux kernel. I’ve found “The Linux Programming Interface” (TLPI) by Michael Kerrisk, among others, […]

Read the entire post here

BLOG_chalkboard_00599

Author, How-To, Red Team, Red Team Tools, Tim Fowler Event Logs, Fileless, Injection, Logging, Payloads, shellcode

Windows Event Logs for Red Teams

Tim Fowler // Do you know what could be lurking in your Windows event logs? In May of 2022, I was sent a Threat Post article about a new technique […]

Read the entire post here

blog_chalk_00598

Author, Blue Team, Blue Team Tools, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Jordan Drysdale Azure, defense, Detection, doazlab.com, Impacket, Jordan Drysdale

Impacket Defense Basics With an Azure Lab 

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. […]

Read the entire post here

BLOG_chalkboard_00597

How-To, Web App

Lessons Learned While Pentesting GraphQL

Sean Verity // GraphQL is one of those technologies that I heard about several years ago but had not encountered during an actual pentest. After reading a blog or two, […]

Read the entire post here

«‹ 3 4 5 6›»

Follow Us

Looking For Something?

Browse by category

Recent Posts

  • BLOG_chalkboard_00610PNPT: Certification Review
    Daniel Pizarro // What is the PNPT?  The
  • Talkin’ About Infosec News – 1/25/2023
    00:00 – PreShow Banter™ — Wade’s Googly
  • BLOG_chalkboard_00609Start to Finish: Configuring an Android Phone for Pentesting
    Jeff Barbi // *Guest Post Background Unless

Browse by topic

Active Directory ADHD anti-virus Attack Tactics AV Beau Bullock Blue Team bypassing AV C2 Carrie Roberts command and control hacking hardware hacking Hashcat infosec Joff Thyer john strand Jordan Drysdale Kent Ickler Linux MailSniper Microsoft Nessus Password cracking password policy passwords password spraying pen-testing penetration testing pentest Pentesting phishing podcast PowerShell Python Raymond Felch Red Team red teaming RITA social engineering Sysmon tools webcast webcasts Windows

Archives

Back to top
Black Hills Information Security

115 W. Hudson St. Spearfish, SD 57783 | 701-484-BHIS
© 2008

Links
Search the site