Beau Bullock

Beau Bullock, General InfoSec Tips & Tricks, Informational, InfoSec 101, Kaitlyn Wimberley, Red Team Tools Cheatsheet, GraphRunner, Infosec for Beginners, InfoSec Survival Guide

GraphRunner Cheatsheet

GraphRunner is a collection of post-exploitation PowerShell modules for interacting with the Microsoft Graph API. It provides modules for enumeration, exfiltration, persistence, and more!

Read the entire post here

Beau Bullock, How-To, Red Team, Red Team Tools, Steve Borosh Azure, cloud, microsoft365

Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365

By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and […]

Read the entire post here

Author, Beau Bullock, Steve Borosh, Webcasts

Webcast: Demystifying Web3 Attack Vectors, w/ Beau Bullock and Steve Borosh

Read the entire post here

00559_09202021_WebcastGettingStartedBlockchain

Author, Beau Bullock, How-To, Informational, Webcasts

Webcast: Getting Started in Blockchain Security and Smart Contract Auditing

Why is blockchain security important? Blockchain usage has exploded since the Bitcoin whitepaper was first published in 2008. Many applications rely on this technology for increased trust and privacy, where […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

00539_06012021_WebcastGettingStartedPentestingCloud

Author, Beau Bullock, How-To, Informational, InfoSec 101, Webcasts

Webcast: Getting Started in Pentesting The Cloud: Azure

In this Black Hills Information Security (BHIS) webcast, you will learn tools and techniques for performing penetration tests against Microsoft Azure environments. Increasingly, more organizations are migrating resources to being […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Beau Bullock, How-To, Informational

Exploiting MFA Inconsistencies on Microsoft Services

Beau Bullock // Overview On offensive engagements, such as penetration tests and red team assessments, I have been seeing inconsistencies in how MFA is applied to the various Microsoft services. […]

Read the entire post here

Author, Beau Bullock, How-To, Informational, Red Team, Red Team Tools Beau Bullock, Check-LocalAdminHash, Invoke-TheHash, PowerShell, PowerView, PSReadline, TL;DR

Check-LocalAdminHash & Exfiltrating All PowerShell History

Beau Bullock // TL;DR Check-LocalAdminHash is a new PowerShell script that can check a password hash against multiple hosts to determine if it’s a valid administrative credential. It also has […]

Read the entire post here

00387_05112019_PODCAST_Weaponizing_Intel

Author, Beau Bullock, Mike Felch, Password Spray, Phishing, Podcasts, Recon, Red Team, Red Team Tools, Social Engineering Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Podcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here