Tap Into Your Valuable DNS Data
Joff Thyer // The Domain Name System (DNS) is the single most important protocol on the Internet. The distributed architecture of DNS name servers and resolvers has resulted in a […]
Webcast: Attack Tactics 6! Return of the Blue Team
Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics6ReturnofBlueTeam.pdf In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed […]
Webcast: Building a Small and Flexible Wireless Exfiltration Box with SDR
Paul Clark// Do you want to know how we learned Software Defined Radio? We learned it from Paul. We also learned by getting our hands dirty with projects. For this […]
Webcast: Weaponizing Corporate Intel. This Time, It’s Personal!
Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]
How to Weaponize the Yubikey
Michael Allen // A couple of years ago, I had a YubiKey that was affected by a security vulnerability, and to fix the issue, Yubico sent me a brand new […]
Webcast: Attack Tactics 5 – Zero to Hero Attack
Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – […]
An SMB Relay Race – How To Exploit LLMNR and SMB Message Signing for Fun and Profit
Jordan Drysdale// This is basically a slight update and rip off of Marcello’s work out here: https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html /tl;dr – Zero to DA on an environment through an exposed Outlook Web […]
How to Purge Google and Start Over – Part 2
Mike Felch// How to Purge Google and Start Over – Part 1 Brief Recap In part 1, we discussed a red team engagement that went south when the Google SOC […]
How to Purge Google and Start Over – Part 1
Mike Felch// A Tale of Blue Destroying Red Let me start by sharing a story about a fairly recent red team engagement against a highly-secured technical customer that didn’t end […]