How to Build a 404 page not found C2
A Guest blog by Matthew Pawelski // A C2, or command-and-control, is used by attackers to control compromised systems. Most of these C2s are in control of large botnets, yet […]
Data Mining & Privacy: How Anonymous Are You Really?
Sam Carroll // When I started at BHIS I was surprised at the sensitivity of personal data, such as my birthday. I was soon reminded of a data mining class […]
Lawrence’s List 071516
Lawrence Hoffman // Hey, I’m back! Vacation was great. I spent part of last week on an Island so I was unable to scratch the keep-up-with-the-media itch. Now that I’m […]
Get to Know a Tester: Sally
Note: A few months ago we did a short interview with a tester when we talked to Ethan. This month we had a conversation with Sally Vandeven, who’s only been […]
Securing Your Way to Restful Sleep with Ansible Galaxy
Jordan Drysdale // Life as a ‘blue-teamer’ can often be a stressful experience. Working in an environment with a strong Linux infrastructure can help some, but Ansible can help […]
Three Simple Disguises for Evading Antivirus
Logan Lembke // Antivirus has been a key component in defending computer systems since the 1990s. Over the years, antivirus began to dominate the discussion of PC security with other […]
Question: What Can I Learn from Password Spraying a 2FA Microsoft Web App Portal?
Carrie Roberts // Answer: Enough to make it worth it! Penetration testers love to perform password spraying attacks against publicly available email portals as described here in this great post by Beau Bullock. […]
Lawrence’s List 070116
Lawrence Hoffman // As I previously mentioned I’m on vacation this week and next. As I like to go for long cross-country drives I’ve not had much time to keep […]
A Letter from John
John Strand // Last week BHIS took a new direction as a company. (Warning, this blog is not technical. But it is important.) In the past few years we’ve grown […]