An Open Letter about Big All-Powerful Company’s Password Policy
Kelsey Bellew // Dear Big All-Powerful Company, Your idea of a ‘strong password’ is flawed. When I first saw the following message, I laughed. I said out loud, “No, you […]
WEBCAST: How to Use Threat Intelligence
John Strand// Using threat intelligence feeds for good….instead of wasting time and money. John’s intense hatred for threat intelligence feeds is pretty well known. Trying to defend your network against […]
What to Expect from a Vulnerability Scan
Dakota Nelson// For a lot of our customers, their first introduction to pentesting is a vulnerability scan from BHIS. This is after talking to the testers, of course, and setting […]
WEBCAST: Stop Sucking at Wireless
Jordan Drysdale & Kent Ickler// Jordan and Kent are back with more blue team madness! The shameless duo continue their efforts to wrangle decades old attacks against wireless networks. The […]
New Toy Alert: A Quick Review of Keysy
Rick Wisser// Here at BHIS we are always on the lookout for new toys. Especially if we can use them during a pentest. As a pentester, we all have a […]
Intro to Cryptocurrency and How to Secure Your Coins
Beau Bullock// Overview This blog post is meant to serve as a basic introduction to the world of cryptocurrencies. With cryptocurrencies making their way into mainstream news outlets I am […]
The Hard Part of the Alphabet
Melisa Wachs// Many of you have met John, so I thought you’d enjoy this posh little gem I dug up. This picture was taken in our first home, and although I […]
The Non-Attrib Starterpack!
Jordan Drysdale // Let’s start this post at Walmart. Yes, the visit may be attributable against the purchaser via security camera footage retrieved by warrant, so hand your wife/husband/confidant/whomever a […]
How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped
Lee Kagan* // Expanding upon the previous post in this series, I decided to rewrite C2K (find it here) to change its behavior and options for the user. In this […]