Black Hills Information Security, Inc.
RSS
  • All Services
    • Penetration Testing
    • Continuous Penetration Testing
    • Web Application Testing
    • Active SOC
    • Fusion PenTest
    • AI Security Assessments
    • Incident Response
    • Blue Team Services
    • Blockchain Security
    • High-Profile Risk Assessments
    • Complete Service Guide
  • Contact Us
    • Contact Us
    • Email Sign-Up
  • About Us
    • Security Consultants
    • Admin Team
    • Active SOC Team
    • Antisyphon Training
    • BHIS Tribe of Companies
  • Free Resources
    • Blogs
    • Free Cybersecurity Tools
    • Free Cybersecurity Webcasts
    • Podcasts
    • RITA
  • Training
    • BHIS & Antisyphon Training
    • WWHF Conference
  • Community
    • Discord
    • LinkedIn
    • YouTube
    • Bluesky
    • Twitter/X
    • Upcoming Events
  • Fun Stuff
    • Backdoors & Breaches
    • Merch, Zines & More
    • PROMPT# Zine
    • REKCAH
    • Books
00403_09032019_HowToHackHardwareUART

Author, Hardware Hacking, How-To, Informational, Physical, Ray Felch, Red Team Tools Embedded systems, hardware hacking, JTAG, JTAGulator, Raymond Felch, reverse engineering, UART

How to Hack Hardware using UART

Raymond Felch // Preface: I began my exploration of reverse-engineering firmware a few weeks back (see “JTAG – Micro-Controller Debugging“), and although I made considerable progress finding and identifying the […]

Read the entire post here
00402_08302019_WEBCAST_ImplementingSysmon

Author, How-To, Informational, John Strand, Red Team Tools, Webcasts applocker, Bypassing, Group Policies, group policy, john strand, Logging, Malware, Sysmon, whitelisting, Windows

Webcast: Implementing Sysmon and Applocker

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_ImplementingSysmonAppLocker.pdf 5:03 Introduction, problem statement, and executive problem […]

Read the entire post here
00401_08272019_JTAGMicroController

Author, Hardware Hacking, How-To, Informational, Ray Felch debugging, hardware hacking, JTAG, JTAGulator, picocom, Raymond Felch

JTAG – Micro-Controller Debugging

Raymond Felch // Being an embedded firmware engineer for most of my career, I quickly became fascinated when I learned about reverse engineering firmware using JTAG.   I decided to […]

Read the entire post here
00400_08212019_SecuringTheCloud-1

Author, How-To, Informational, Jordan Drysdale AWS EC2, AWS EMR, Coordinated disclosure, Jordan Drysdale, Nessus, Nmap, pentest, securing the Internet

Securing the Cloud: A Story of Research, Discovery, and Disclosure

Jordan Drysdale // tl;dr BHIS made some interesting discoveries while working with a customer to audit their Amazon Web Services (AWS) infrastructure. At the time of the discovery, we found […]

Read the entire post here
00399_08192019_WEBCAST_WeaponizingAD (1)

Author, David Fletcher, How-To, Informational, Red Team Tools, Webcasts Active Directory, CredDefense Toolkit, David Fletcher, kerberoasting, password spraying, ResponderGuard

Webcast: Weaponizing Active Directory

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_WeaponizingActiveDirectory.pdf 0:54 Background behind this webcast, what and […]

Read the entire post here
00398_08152019_UsingCloudFrontRelayCobaltStrike

Author, Brian Fehrman, C2, How-To, Informational, Red Team, Red Team Tools Brian Fehrman, CloudFront, cobalt strike, Domain Fronting

Using CloudFront to Relay Cobalt Strike Traffic

Brian Fehrman // Many of you have likely heard of Domain Fronting. Domain Fronting is a technique that can allow your C2 traffic to blend in with a target’s traffic […]

Read the entire post here
00397_08132019_PyFunnels

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101 Github, PyFunnels, Python3, TJ Nicholls, Tool Output

PyFunnels: Data Normalization for InfoSec Workflows

TJ Nicholls // *BHIS Guest Contributor TL;DR How many times have you had to parse the same output from a tool? Wouldn’t you like to get that time back? There […]

Read the entire post here
00396_07292019_YourReportingMatters

Author, Brian King, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101 Brian King, macros, MSWord Tricks, Pen Test Reports, reports, screenshots

Your Reporting Matters: How to Improve Pen Test Reporting

Brian B. King // This is a companion post to BBKing’s “Hack for Show, Report for Dough” report, given at BSides Cleveland in June 2019. The fun part of pentesting is […]

Read the entire post here
AttackTactics7-01

Author, Blue Team, Blue Team Tools, Informational, John Strand, Red Team, Webcasts Attack Tactics, Blue Team, DeepBlueCLI, DFIR, Incident Response, john strand, log analysis

Webcast: Attack Tactics 7 – The Logs You Are Looking For

Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics7LogsYouAreLookingFor.pdf So we went through an attack in the BHIS Webcast, “Attack Tactics 5! Zero to Hero Attack.” Then we went through […]

Read the entire post here
«‹ 40 41 42 43›»

Looking For Something?

Browse by category

Recent Posts

  • webapp_headerFinding and Addressing Vulnerable and Outdated Web Application Components
    Vulnerable and outdated software components are one of
  • egress_headerInsufficient Egress Filtering: How Weak Outbound Controls Enable Attacks
    Insufficient egress filtering is a commonly identified
  • _aipentest_headerEveryone’s Selling AI That Kills Pentesting. We Built One That Doesn’t.
    What we built, Fusion AI, runs at about a third the

Browse by topic

Active Directory ADHD AI anti-virus Attack Tactics AV Beau Bullock BHIS Blue Team C2 Carrie Roberts cloud Cyber Deception hacking infosec Infosec for Beginners InfoSec Survival Guide Joff Thyer john strand Jordan Drysdale Kent Ickler Kerberos Linux MailSniper Malware Microsoft Nessus Nmap passwords password spraying pen-testing penetration testing pentest Pentesting phishing PowerShell Python Red Team red teaming RITA Sysmon tools webcast webcasts Windows

Archives

Back to top
Black Hills Information Security, Inc.

890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447)
© 2008


About Us | BHIS Tribe of Companies | Privacy Policy | Contact

Links
  • YouTube
  • LinkedIn
  • Bluesky
  • Discord
  • X
  • iTunes
Search the site