C2, External/Internal, General InfoSec Tips & Tricks, How-To, InfoSec 201, InfoSec 301, Red Team, Red Team Tools, Social Engineering C2, C2 Infrastructure, C2K, command and control, Digital Ocean

How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped

Lee Kagan* // Expanding upon the previous post in this series, I decided to rewrite C2K (find it here) to change its behavior and options for the user. In this […]

Read the entire post here

Author, Brian Fehrman, General InfoSec Tips & Tricks, Informational external engagement, Lync, Lync server

PSA: It’s 10PM, Do You Know Where Your Lync Servers Are?

Brian Fehrman// Microsoft Lync servers have been a staple of my external engagements for the past six months or so. I have found a Lync server on all of those […]

Read the entire post here

Fun & Games BHIScaptionthis, Clowns, GifTweets

BHIS Caption This #2 Responses

If you follow us on Twitter, you might have noticed we started #BHIScaptionthis on Fridays. There were so many good responses last week that we thought we’d put them all […]

Read the entire post here

Author, How-To, Informational, InfoSec 101, Jordan Drysdale INFOSEC 301 CRITICAL CONTROLS, it security, Jordan Drysdale, Small Business

Small and Medium Business Security Strategies: Part 3

Jordan Drysdale // Blurb: A few of us have discussed the stress that small and medium business proprietors and operators feel these days. We want to help stress you out […]

Read the entire post here

C2, Webcasts C2, Python, webcast, webcasts

WEBCAST: Tweets, Beats, and Sheets: C2 over Social Media

Dakota Nelson// The modern internet’s got a lot of places to hide. In this webcast, join Dakota as he shows how you can establish C2 channels and issue commands to […]

Read the entire post here

How-To, InfoSec 101 c-level, c-Suite, information security, infosec, infosec 101

How to Build a Better Relationship With Your C-level Regarding Information Security

Josh Thomas // Editor’s Note: Recently on Twitter, we asked our followers “What’s the hardest thing to get your C-level to understand regarding security?” The answers came in like a roaring […]

Read the entire post here

Author, Brian Fehrman, How-To, Informational, InfoSec 101 Application Whitelisting Software, AWS, PowerShell

PowerShell w/o PowerShell Simplified

Brian Fehrman // In a previous post, titled PowerShell without PowerShell, we showed you how you can bypass Application Whitelisting Software (AWS), PowerShell restrictions/monitoring, and Command Prompt restrictions. In some […]

Read the entire post here

Author, How-To, Informational, Jordan Drysdale Digital Ocean, Jordan Drysdale, SANS SEC504, vsagent

504 VSAgent Usage Instructions

Jordan Drysdale// HERE IT IS! Finally! For the vsagent from SANS SEC504 (only the finest InfoSec course the world has ever seen!): this is a Q&D deployment guide for the […]

Read the entire post here

Author, Blue Team Tools, Hunt Teaming, John Strand, Webcasts Active Countermeasures, AI Hunter, bro, free tools, RITA, threat hunting

WEBCAST: Tales from the Network Threat Hunting Trenches

John Strand// In this webcast, John walks through a couple of cool things we’ve found useful in some recent network hunt teams. He also shares some of our techniques and […]

Read the entire post here