Webcast: Endpoint Security Got You Down? No PowerShell? No Problem.
Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box? In this one-hour webcast, we introduce a somewhat […]
I’m Resigning From SANS
John Strand// Hello all, Well, this is a painful post to write, so I will get right to it. I am on my last run of classes with the SANS […]
Getting PowerShell Empire Past Windows Defender
Carrie Roberts //* (Updated 2/12/2020) ADVISORY: The techniques and tools referenced within this blog post may be outdated and do not apply to current situations. However, there is still potential […]
BHIS Webcast: Blockchain and You! InfoSec Edition
Take a good look at Bitcoin right now… these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely […]
I Spy with InSpy v3.0
Darin Roberts// Early in 2018 I wrote a blog about InSpy. InSpy is a great reconnaissance tool that gathers usernames from LinkedIn. My first blog can be found here. A […]
Small and Medium Business Security Strategies: Part 5
Jordan Drysdale// tl;dr Inventory management and personnel management are critical to making this work. Often, the difference between your company becoming a statistic and catching someone with a foothold in […]
Webcast: Sacred Cash Cow Tipping 2019
John Strand // Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of […]
SSHazam: Hide Your C2 Inside of SSH
Carrie Roberts //* SSHazam is a method of running any C2 tool of your choice inside a standard SSH tunnel to avoid network detections. The examples here involve running PowerShell […]
Social Engineering in Japan
Kelsey Bellew//* It’s an occupational hazard to see vulnerabilities everywhere. When I see a router sitting in plain sight I think, “The default creds are probably printed on the back; […]