Webcast: Sacred Cash Cow Tipping 2021
It is another year for the Sacred Cash Cow Tipping Webcast. For those of you who are new to our email list within the past year, this is a webcast […]
Podcast: Play in new window | Download
Subscribe: RSS
Webcast: Move Aside Script Kiddies – Malware Execution in the Age of Advanced Defenses
A few short years ago, penetration testers did not have to work too hard for their malware command channels to execute. Fast forward to today in the age of Endpoint […]
Podcast: Play in new window | Download
Subscribe: RSS
A Sysmon Event ID Breakdown – Now with Event ID 25!!
Jordan Drysdale // tl;dr This blog is being provided to demonstrate the capabilities of Sysmon logging broken down by event ID. The IDs will be captured in context and matched […]
Webcast: Discussing Implications of the SolarWinds Breach(es)
This blog was written in conjunction with Wild West Hackin’ Fest. Does the news on SUNBURST and SUPERNOVA have you feeling like you’re flapping in the (Solar)Wind? Join John Strand, […]
Podcast: Play in new window | Download
Subscribe: RSS
RFID Proximity Cloning Attacks
Ray Felch // Introduction While packing up my KeyWe Smart Lock accessories, and after wrapping up my research and two previous blogs “Reverse Engineering a Smart Lock” and “Machine-in-the-Middle BLE […]
Joyriding with SILENTTRINITY – UPDATES
Jordan Drysdale // tl;dr SILENTTRINITY (ST) is one of our favorite C2 tools at BHIS. It’s multiplayer, modern, and multiserver. The code has been revised significantly of late, especially the […]
Webcast: Getting Started with Burp Suite & Webapp Pentesting
Are you responsible for the security of webapps? Are you curious about how penetration testers are able to find vulnerabilities in them? Burp Suite is the preferred tool for many […]
Podcast: Play in new window | Download
Subscribe: RSS
Webcast: Pretty Little Python Secrets – Episode 2 – Python Development & Packaging as Beautiful as a Poem
Have you ever tried packaging a Python library/app in order to upload it to the Python Package repository (Pypi)? Not so straight forward is it? There’s a gazillion files you […]
Podcast: Play in new window | Download
Subscribe: RSS
Azure Sentinel Quick-Deploy with Cyb3rWard0g’s Sentinel To-Go – Let’s Catch Cobalt Strike!
Jordan Drysdale // tl;dr Sentinel is easy! Especially when using Azure Sentinel To-Go. So, let’s do some threat research by deploying Sentinel To-Go and executing a Cobalt Strike beacon. Link: […]