How-To, Informational, Red Team pentest report, Pentesting, reports

DOs and DON’Ts of Pentest Report Writing

Melisa Wachs// The first day of school has started for your school-age kiddos. What better time to run through some of our basic reporting guidelines with y’all? Here is a […]

Read the entire post here

Author, Mike Felch, Phishing, Red Team 2FA, multi-factor, phishing, Red Team

Stealing 2FA Tokens on Red Teams with CredSniper

Mike Felch // More and more organizations are rolling out mandatory 2FA enrollment for authentication to external services like GSuite and OWA. While this is great news because it creates […]

Read the entire post here

Fun & Games, General InfoSec Tips & Tricks, InfoSec 101, InfoSec 201 Blue Team, books, Getting into Infosec, infosec 101, infosec books, Red Team, tools

Your Infosec Supply List

Bre Schumacher // As I was walking through the back to school display at the store the other day, I picked up a handy-dandy school supply list. Of course there were […]

Read the entire post here

Author, Blue Team, How-To, Jordan Drysdale, Kent Ickler, Webcasts Active Directory, AD, AWS, Best Practices, Blue Team, Defender, Federation Services, Firewall, Group Policies, Groups, Infrastructure, Job Functional Roles, Jordan Drysdale, Jugular, Kent Ickler, LAPS, LLMNR, LSDOU, Naming Conventions, security, Sysmon, webcast, webcasts, whitelisting

Active Directory Best Practices to Frustrate Attackers: Webcast & Write-up

Kent Ickler & Jordan Drysdale // BHIS Webcast and Podcast This post accompanies BHIS’s webcast recorded on August 7, 2018, Active Directory Best Practices to Frustrate Attackers, which you can view below. […]

Read the entire post here

Author, Ethan Robish, How-To Socket.io, WebSockets

How to Hack WebSockets and Socket.io

Ethan Robish // WebSockets Overview WebSockets is a technology to allow browsers and servers to establish a single TCP connection and then asynchronously communicate in either direction. This is great […]

Read the entire post here

Red Team, Red Team Tools AWS, Carnal0wnage, Compromise, SEC504, WeirdAAL

AWS: Assuming Access Key Compromise

Jordan Drysdale//* In this blog, we are assuming that we have obtained an access key, a secret key and maybe a .pem key from a network user who left these […]

Read the entire post here

Blue Team, Finding, General InfoSec Tips & Tricks, How-To, Informational after the pen test, how to deal with you penetration test results, What to do after a penetration test, what to do after a pentest

What to Expect After a Pen Test

Scott Worden* // So you and your company had a pen test…now what? What to do, how to plan, and good SQUIRREL! ways to stay on track.   The 3 […]

Read the entire post here

C2, Craig Vincent, Red Team C2, command and control, Red Team, WebSockets, WSC2

Command and Control with WebSockets WSC2

Craig Vincent// This all started with a conversation I was having with a few other BHIS testers. At the time, I was testing a web application that used WebSockets. The […]

Read the entire post here

Author, Blue Team, How-To, Jordan Drysdale Amazon Web Services, AWS, Best Practices, Blue Team, Jordan Drysdale, Scout2

Scout2 Usage: AWS Infrastructure Security Best Practices

Jordan Drysdale// Full disclosure and tl;dr: The NCC Group has developed an amazing toolkit for analyzing your AWS infrastructure against Amazon’s best practices guidelines. Start here: https://github.com/nccgroup/Scout2 Then, access your […]

Read the entire post here