Impacket Offense Basics With an Azure Lab
Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the […]
Steve Borosh // Why Phishing? Those of us on the offensive side of security often find ourselves in the position to test our clients’ resilience to phishing attacks. According to […]
Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs […]
Mike Felch // The Hunt for Initial Access With the default disablement of VBA macros originating from the internet, Microsoft may be pitching a curveball to threat actors and red […]
Joff Thyer // I woke up this Monday morning thinking that it’s about time I spent time looking at my Domain Name Service (DNS) configuration in my network. (This thought […]
Jordan Drysdale // Azure has replaced AWS in my personal development pipeline. This may sound crazy but hear me out. Microsoft has solidified its offerings, done nothing but improve its […]
At Black Hills Information Security (BHIS), we make our living doing pentesting, but we’ve never once been paid for a pentest. Penetration Testers get paid for their reports. For their […]
Dale Hobbs // The Center for Internet Security (CIS) Controls are a recommended set of highly effective defensive actions for cyber defense that provide specific and actionable methods to prevent the most dangerous and pervasive cyber-attacks. They were initially […]
#hivenightmare / #lolwut Jeff McJunkin* // What is it? tl;dr — Unpatched privilege escalation in Windows 10 in nearly all supported builds. The vulnerability (CVE-2021-36934) allows an attacker with limited […]