Black Hills Information Security
Weekly infosec news podcast with the pen testers and friends of Black Hills Information Security.
RSS
  • About Us
    • Testers
    • Admin
    • SOC/HTOC Team
    • Partners
    • Interns
    • BHIS Tribe of Companies
  • Contact
    • Contact Us
    • Email Sign-Up
  • Services
    • Active SOC
    • Blockchain Security
    • Blue Team Services
    • High-Profile Risk Assessments
    • Hunt Teaming (HTOC)
    • Incident Response
    • Penetration Testing
  • Projects/Tools
    • All Tools
    • RITA
    • Books
    • REKCAH
  • Learn
    • Backdoors & Breaches
    • Blog
    • Conference
    • Podcasts
    • PROMPT# Zine
    • Upcoming Events
    • Webcasts
  • Community
    • Discord
    • LinkedIn
    • T-Shirts & Hoodies
    • Twitter
    • YouTube
  • Training
blog_chalk_00598

Author, Blue Team, Blue Team Tools, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Jordan Drysdale Azure, defense, Detection, doazlab.com, Impacket, Jordan Drysdale

Impacket Defense Basics With an Azure Lab 

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. […]

Read the entire post here

BLOG_chalkboard_00597

How-To, Web App

Lessons Learned While Pentesting GraphQL

Sean Verity // GraphQL is one of those technologies that I heard about several years ago but had not encountered during an actual pentest. After reading a blog or two, […]

Read the entire post here

For Web Content Discovery, Who You Gonna Call? Gobuster!

Author, External/Internal, General InfoSec Tips & Tricks, Melissa Bruno, Web App

For Web Content Discovery, Who You Gonna Call? Gobuster!

Melissa Bruno // One of the best early steps to take when testing a network, especially a large one, is to run the tool EyeWitness to gain a quick understanding […]

Read the entire post here

BLOG_chalkboard_00595

How-To, Informational, InfoSec 101, Phishing, Red Team, Social Engineering ansible, automation, credential capture, ethical, hacking, html

Phishing Made Easy(ish)

Hannah Cartier // Social engineering, especially phishing, is becoming increasingly prevalent in red team engagements as well as real-world attacks. As security awareness improves and systems become more locked down, […]

Read the entire post here

Impacket Offense Basics With an Azure Lab

Author, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, InfoSec 201, Jordan Drysdale, Red Team Tools Jordan Drysdale

Impacket Offense Basics With an Azure Lab

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the […]

Read the entire post here

BLOG_chalkboard_00593

Author, General InfoSec Tips & Tricks, How-To, Informational, Red Team, Steve Borosh Microsoft 365, Spoofing, Steve Borosh

Spoofing Microsoft 365 Like It’s 1995

Steve Borosh // Why Phishing? Those of us on the offensive side of security often find ourselves in the position to test our clients’ resilience to phishing attacks. According to […]

Read the entire post here

thumbnail_BLOG_chalkboard_00592

Author, Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, How-To, Hunt Teaming, Informational, InfoSec 101, Jordan Drysdale ARM Templates, Attribution, Detection, Engineering, Geopolitics, hunting, Microsoft Sentinel

Geopolitical Cyber-Detection Lures for Attribution with Microsoft Sentinel 

Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs […]

Read the entire post here

Author, Backdoors & Breaches, Blue Team, Blue Team Tools, Corey Ham, Fun & Games, Hal Denton, How-To, Informational, Jason Blanchard, Kiersten Gross, Noah Heckman, Troy Wojewoda, Webcasts

How to Use Backdoors & Breaches to do Tabletop Exercises and Learn Cybersecurity

Have you heard of Backdoors & Breaches, or even have a deck of your own, and yet… still don’t know how to use it? We created an incident response card […]

Read the entire post here

BLOG_chalkboard_00591

Author, C2, General InfoSec Tips & Tricks, Mike Felch, Red Team initial access, RDP, remote desktop

Rogue RDP – Revisiting Initial Access Methods

Mike Felch // The Hunt for Initial Access With the default disablement of VBA macros originating from the internet, Microsoft may be pitching a curveball to threat actors and red […]

Read the entire post here

«‹ 5 6 7 8›»

Follow Us

Looking For Something?

Browse by category

Recent Posts

  • How Attackers Use SSH.exe as a Backdoor Into Your NetworkSsh… Don’t Tell Them I Am Not HTTPS: How Attackers Use SSH.exe as a Backdoor Into Your Network
    Derek Banks // Living Off the Land Binaries, Scripts,
  • Talkin’ About Infosec News – 3/16/2023
    00:00 – PreShow Banter™ — Tossing Money at
  • Your Browser is Not a Safe SpaceYour Browser is Not a Safe Space
    Corey Ham // Tl;dr   Use a password manager

Browse by topic

Active Directory ADHD anti-virus Attack Tactics AV Beau Bullock Blue Team bypassing AV C2 Carrie Roberts command and control hacking hardware hacking Hashcat infosec Joff Thyer john strand Jordan Drysdale Kent Ickler Linux MailSniper Malware Microsoft Nessus password policy passwords password spraying pen-testing penetration testing pentest Pentesting phishing podcast PowerShell Python Raymond Felch Red Team red teaming RITA social engineering Sysmon tools webcast webcasts Windows

Archives

Back to top
Black Hills Information Security

115 W. Hudson St. Spearfish, SD 57783 | 701-484-BHIS
© 2008

Links
Search the site