Jordan Drysdale// tl;dr Both Cisco and Nessus have escalated the Smart Install Client Service feature/vulnerability. Nessus is now reporting the Smart Install RCE as critical. High five!!! Cisco has also packaged up a couple of associated bugs, one of which requires a firmware update. The first is seen below: Reference to this advisory is listed […]
In this webcast we cover some of the core tools we use all the time at Black Hills Information Security. However, there’s a twist. We don’t talk about Nessus, Nmap, or Metasploit. Why? Because there are a ton of new (and older) tools we use that fall outside of the standard tools you see in […]
Podcast: Play in new window | Download
John Strand// In this webcast we cover some of the core tools we use all the time at Black Hills Information Security. However, there’s a twist. We don’t talk about Nessus, Nmap, or Metasploit. Why? Because there are a ton of new (and older) tools we use that fall outside of the standard tools you […]
Carrie Roberts*// I’m a red teamer, I love my job but I spend way too much time at a desk in front of a computer. This year I wanted to find a way to continue spending a lot of time at the computer without letting my physical health decline. This article will describe my journey […]
Yes.. Ethical Hacker Kids. The holidays are coming up! Here John & Jordan cover the different games, tools and gifts we can give kids that help teach them the trade. There is nothing, nothing like sitting around with family picking locks, learning to code and helping kids through the latest Holiday Hack Challenge. And!! We […]
Podcast: Play in new window | Download
John Strand & Jordan Drysdale// Yes.. Ethical Hacker Kids. The holidays are coming up! Here John & Jordan cover the different games, tools and gifts we can give kids that help teach them the trade. There is nothing, nothing like sitting around with family picking locks, learning to code and helping kids through the latest […]
Darin Roberts// In previous blogs I have shown how to get various C2 sessions. In this blog, I will be showing how to do C2 over ICMP. First, what is ICMP? ICMP is Internet Control Message Protocol. It allows internet connected devices to send error messages back to the source IP address when problems in […]
Joff Thyer// Many of you have probably already looked at Beau Bullock’s fine blog entry on a penetration testing dropbox. Beau has some excellent guidance on how to build the base dropbox platform using different platforms. In this case, I selected the ODroid-C2 platform running KALI (ARM) edition and am going to extend upon that […]
Over the past few months, we have discovered a couple trends that organizations seem to be missing. No silver bullets, just some general vulnerability issues we are seeing again and again. In this podcast, Jordan & Kent give a few pointers and some new tools to help the blue team stay on top of these […]
Podcast: Play in new window | Download
