Raymond Felch // Being an embedded firmware engineer for most of my career, I quickly became fascinated when I learned about reverse engineering firmware using JTAG. I decided to take on this project as an opportunity to learn more about this somewhat obscure and often overlooked attack vector. excerpt from: https://en.wikipedia.org/wiki/JTAG JTAG (named after […]
Jordan Drysdale // tl;dr BHIS made some interesting discoveries while working with a customer to audit their Amazon Web Services (AWS) infrastructure. At the time of the discovery, we found two paths to ingress the customer’s virtual private cloud (VPC) through the elastic map reduce (EMR) application stacks. One of the vulns that gained us […]
Click on the timecodes to jump to that part of the video (on YouTube) Download slides: https://www.activecountermeasures.com/presentations 0:54 Background behind this webcast, what and why 7:02 Creating resources in Active Directory, User accounts, Groups, and Dummy Computer accounts 18:54 Tools, ResponderGuard, General flow of attacks, reconnaissance, deception and planted credentials 38:12 Password Spraying, honey users, […]
Brian Fehrman // Many of you have likely heard of Domain Fronting. Domain Fronting is a technique that can allow your C2 traffic to blend in with a target’s traffic by making it appear that it is calling out to the domain owned by your target. This is a great technique for red teamers to […]
TJ Nicholls // *BHIS Guest Contributor TL;DR How many times have you had to parse the same output from a tool? Wouldn’t you like to get that time back? There is a lot of overlap in the tools we use and the workflows we perform as information security professionals. Let’s not reinvent the wheel every […]
Brian B. King // This is a companion post to BBKing’s “Hack for Show, Report for Dough” report, given at BSides Cleveland in June 2019. The fun part of pentesting is the hacking. But the part that makes it a viable career is the reporting. You can develop the most amazing exploit for the most surprising […]
Download presentation slides: https://www.activecountermeasures.com/presentations/ So we went through an attack in the BHIS Webcast, “Attack Tactics 5! Zero to Hero Attack.” Then we went through the defenses in a follow-up webcast, “Attack Tactics 6! Return of the Blue Team,” and now we need to have a talk about logs. Here is the deal, most of […]
This webcast was originally given live on June 5th, 2019 by John Strand and the BHIS (card) Testers. How To Play! download and print a pdf version of “how to play” So we have been working on a card game for Incident Response over the past few months and it is ready for a dry […]
Click on the timecodes to jump to that part of the video (on YouTube) 2:26 Introduction, background history covering LaBrea Tar Pits and ARP Cache Poisoning and how they relate to this webcast and how “eavesarp” basically works. 14:15 Demo of “eavesarp” against a Stale Network Address Configuration (SNAC) attack. 28:45 Q&A This webcast was […]
