Black Hills Information Security, Inc.
RSS
  • About Us
    • Security Analysts
    • Admin
    • SOC Team
    • Interns
    • BHIS Family of Companies
  • Contact
    • Contact Us
    • Email Sign-Up
  • Services
    • Complete Service Guide
    • Active SOC
    • AI Security Assessments
    • Blockchain Security
    • Blue Team Services
    • Continuous Penetration Testing
    • High-Profile Risk Assessments
    • Incident Response
    • Penetration Testing
  • Tools
    • All Tools
    • RITA
    • Books
    • REKCAH
  • Learn
    • Backdoors & Breaches
    • Blogs
    • Podcasts
    • PROMPT# Zine
    • Webcasts
  • Community
    • Discord
    • LinkedIn
    • T-Shirts & Hoodies
    • Twitter
    • Upcoming Events
    • YouTube
  • Training
  • WWHF
mail_sniper

Author, Beau Bullock, External/Internal, Red Team Beau Bullock, FindPeople, Get-GlobalAddressList, Invoke-PasswordSprayOWA, InvokePasswordSprayEWS, MailSniper, OWA, updates

Attacking Exchange with MailSniper

Beau Bullock // I’ve added in a few modules to MailSniper that will assist in remote attacks against organizations that are hosting an externally facing Exchange server (OWA or EWS). Specifically, […]

Read the entire post here
employee kr 1

InfoSec 101 our interns love us, we love our interns

Many Thanks to BHIS

Kali Regenold // My time here at Black Hills Information Security has been short so far, but I believe it’s been the most important four months of my computer science […]

Read the entire post here
gangster_geek

Author, InfoSec 101, John Strand how John got bitter, Life Lessons, Pentesting, pentesting lessons, when in doubt ask

Ten years later… Memories from Pentesting Past

John Strand // So, I have passed the timeframe where I have been actively penetration testing for over a decade…. I have a large number of pretty strongly held beliefs […]

Read the entire post here

Author, InfoSec 201, John Strand Pentesting, PenTesting Trends, Real Intelligence Threat Analysis, RITA, RITA2.0

John’s Talk from DerbyCon 2016

John Strand //

Read the entire post here
00116_09252016_IntroducingMailSniper

Author, Beau Bullock, External/Internal, Red Team Beau Bullock, hunting, Pentesting, pillaging, red teaming, sensitive info, yolo

Introducing MailSniper: A Tool For Searching Every User’s Email for Sensitive Data

Beau Bullock // TL;DR MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It […]

Read the entire post here
Turning a Raspberry Pi 3 Into a Cloaking Device With goSecure VPN

Author, How-To, Jordan Drysdale cloaking, goSecure, great success, IADGov, magical time, non-attrib, raspberry Pi, VPN

Turning a Raspberry Pi 3 Into a Cloaking Device With goSecure VPN

Jordan Drysdale // This article, like the IADGov link here has three major steps. First, acquire a Raspberry Pi and a VPS running CentOS 6.8. Second, configure the server and Raspberry […]

Read the entire post here
Philosoraptor - If my reverse shell never reaches the listener was the payload ever even executed?

External/Internal, Red Team Brute Forcing, Listeners, PowerShell, SET

Adding Egress Brute Force to PowerShell Payloads

Guest post* by Robert Schwass // We’ve all been there. You craft the perfect phishing email, register a great domain name, your multi handler is set up ever so perfectly. And […]

Read the entire post here
twitter girl.png

InfoSec 201 fun with social networks, kony2012, social engineering, social media mining

Mining Mary’s Social Media Antics for Social Engineering

Christine Sorensen // Let’s talk about Mary. Mary Watson is a girl in her twenties and just graduated from Midtown University with her bachelors in Fashion Merchandising. Mary is now […]

Read the entire post here
stickynotecomputer

External/Internal, Red Team Burp, Duct Tape, Mechanical Engineering, password spraying, pen-testing

Downloading an Address Book from an Outlook Web App (OWA) Portal

Carrie Roberts //  Update 10/03/16: Want to download the address book automatically with PowerShell? Check out Beau Bullocks latest additions to MailSniper As part of a penetration test, you’ve gained access […]

Read the entire post here
«‹ 62 63 64 65›»

Follow Us

Looking For Something?

Browse by category

Recent Posts

  • copilotbronwen_headerCaging Copilot: Lessons Learned in LLM Security
    For those of us in cybersecurity, there are a lot of
  • copilot_headerAugmenting Penetration Testing Methodology with Artificial Intelligence – Part 2: Copilot
    A common use case for LLMs is rapid software
  • burpference_headerAugmenting Penetration Testing Methodology with Artificial Intelligence – Part 1: Burpference
    Burpference is a Burp Suite plugin that takes requests

Browse by topic

Active Directory ADHD AI anti-virus Attack Tactics AV Beau Bullock BHIS Blue Team bypassing AV C2 Carrie Roberts cloud Cyber Deception encryption hacking infosec Infosec for Beginners Joff Thyer john strand Jordan Drysdale Kent Ickler Linux MailSniper Microsoft Nessus passwords password spraying pen-testing penetration testing pentest Pentesting phishing podcast PowerShell Python Raymond Felch Red Team red teaming RITA Sysmon tools webcast webcasts Windows

Archives

Back to top
Black Hills Information Security, Inc.

890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447)
© 2008-2024


About Us | BHIS Tribe of Companies | Privacy Policy | Contact

Links
Search the site