Blog - Page 40 of 79 - Black Hills Information Security, Inc.

Author, How-To, Informational, Michael Allen, Red Team How to, Michael Allen, Payload, Red Team, Rubber Ducky, Scan Codes, Teensy, Weaponize, yubikey

How to Weaponize the Yubikey

Michael Allen // A couple of years ago, I had a YubiKey that was affected by a security vulnerability, and to fix the issue, Yubico sent me a brand new […]

Read the entire post here

Author, C2, External/Internal, How-To, Informational, Jordan Drysdale, Kent Ickler, LLMNR, Password Cracking, Password Spray, Phishing, Recon, Red Team, Red Team Tools, Webcasts Attack Tactics, crackmapexec, Ethical Hacking, HTA, john strand, Jordan Drysdale, Kent Ickler, LLMNR, MailSniper, Password cracking, password spraying, pen-testing, phishing

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – […]

Read the entire post here

Author, External/Internal, How-To, Informational, Jordan Drysdale, LLMNR, Red Team exploit, How to, Jordan Drysdale, LLMNR, Red Team, SMB Message Signing

An SMB Relay Race – How To Exploit LLMNR and SMB Message Signing for Fun and Profit

Jordan Drysdale// This is basically a slight update and rip off of Marcello’s work out here: https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html /tl;dr – Zero to DA on an environment through an exposed Outlook Web […]

Read the entire post here

Author, Blue Team, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Mike Felch Blue Team, cloud, Google, Red Team

How to Purge Google and Start Over – Part 2

Mike Felch// How to Purge Google and Start Over – Part 1 Brief Recap In part 1, we discussed a red team engagement that went south when the Google SOC […]

Read the entire post here

Author, Blue Team, General InfoSec Tips & Tricks, How-To, Informational, Mike Felch Blue Team, cloud, Google, Mike Felch, privacy, Red Team

How to Purge Google and Start Over – Part 1

Mike Felch// A Tale of Blue Destroying Red Let me start by sharing a story about a fairly recent red team engagement against a highly-secured technical customer that didn’t end […]

Read the entire post here

Author, How-To, Informational, InfoSec 101, Joff Thyer, Webcasts Joff Thyer, Python2, Python3, SEC573, UTF-8

BHIS Webcast: Py2k20 – Transitioning from Python2 to Python3

Joff Thyer// In this webcast, we talk about the 2020 End of Life for Python2. We address what the short and medium term impacts will likely be. Key language differences […]

Read the entire post here

External/Internal, How-To, Informational, Password Spray, Red Team, Red Team Tools, Web App Bypass IP Filtering, Darin Roberts, Foxy Proxy, IP Rotation, password spray, ProxyCannon, ProxyMesh

How To Rotate Your Source IP Address

Darin Roberts// IP-Go-Round – Source IP Rotation I was on an engagement recently that was blocking my password sprays based on my IP address. If I made 3 incorrect requests […]

Read the entire post here

00376_03082019_WEBCAST_TrackingAttackers

Author, Blue Team, Blue Team Tools, How-To, Informational, John Strand, Webcasts Active Defense, ADHD, Cyber Deception, Honey Tokens, john strand, Thinkst, webcast

BHIS Webcast: Tracking Attackers. Why Attribution Matters and How To Do It.

In this BHIS webcast, we cover some new techniques and tactics on how to track attackers via various honey tokens. We cover how to track with Word Web Bugs in ADHD and […]

Read the entire post here

External/Internal, How-To, Informational, Red Team BHIS, Black Hills Information Security, Carrie Roberts, RDP, SSH

The RDP Through SSH Encyclopedia

Carrie Roberts //* I have needed to remind myself how to set up RDP access through an SSH connection so many times that I’ve decided to document it here for […]

Read the entire post here

«‹ 39 40 41 42 ›»