Jordan Drysdale // Step 1: Build your capture rig RPi3, Kali, Battery Packs, 2 x supported wifi card of your choosing (I used the Alfa Black for this run). My finished product: Solar Battery Pack, Pi, Alfa, Rock and Roll xz -cd kali-2017.01-rpi2.img.xz | dd of=/dev/mmcblk0 bs=4M iflag=fullblock oflag=direct status=progress You may need to install Kismet. apt-get install kismet […]
Kent R. Ickler // How to Configure Distributed Fail2Ban: Actionable Threat Feed Intelligence Fail2Ban is a system that monitors logs and triggers actions based on those logs. While actions can be very customized, the typical use case is monitoring an auth-log for authentication errors and configuring a system to block the offending source IP. Fail2Ban […]
David Fletcher // During our testing, we encounter organizations of various different sizes, shapes, and composition. One that we’ve run across a number of times includes a fairly even mixture of Microsoft Windows and Apple OSX operating systems. Under normal circumstances it can be difficult to identify which users are using Windows and which are […]
Kent R. Ickler // You’ve heard us before talk about Bro, an IDS for network monitoring and analysis. We’ve had several installs of Bro over time here at BHIS. It’s about time for another build, and I thought it would be a good time to share an example methodology. This post is going to be […]
Carrie Roberts* // How does password cracking in the cloud compare to down here on earth? Maybe not as heavenly as imagined. I saw this on the web and got excited: “You can get up and running with a Kali GPU instance in less than 30 seconds. All you need to do is choose a […]
John Strand // In this webcast John covers how to set up Active Directory Active Defense (ADAD) using tools in Active Defense Harbinger Distribution (ADHD) and talks about potential active defense laws like Active Cyber Defense Certainty (ACDC). He shows how to create honey accounts, create callback word documents, and create fake SMB shares! All […]
Dear BHIS, So I’m a big fan of you guys’! I took John’s SANS504 OnDemand class and I saw the light. Now what? I want to get into security, (maybe because I want to torture myself) but how? How do I make the next step? How do I get into infosec? Also are you guys […]
Lee Kagan* // Deploying an offensive infrastructure for red teams and penetration tests can be repetitive and complicated. One of my roles on our team is to build-out and maintain the red team systems and control accesses to and from them. There’s an endless variety of what you may wish to deploy but I found […]
Kent R. Ickler // Referrer-Policy-What-What? Referrer-Policy is a security header that can (and should) be included on communication from your website’s server to a client. The Referrer-Policy tells the web-browser how to handle referrer information that is sent to websites when a user clicks a link that leads to another page or website. The Referrer-Policy can […]
