Check Your Perimeter
David Fletcher // With so many organizations transitioning to remote work in order to stem the tide of COVID-19 infections, we wanted to cover some of the configuration elements you […]
David Fletcher // With so many organizations transitioning to remote work in order to stem the tide of COVID-19 infections, we wanted to cover some of the configuration elements you […]
Want to learn how attackers bypass endpoint products? Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_SacredCashCowTipping2020.pdf 3:41 – Alternate Interpreters 9:19 – Carbon Black Config Issue 15:07 – Cisco […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Justin Angel // Penetration testing and red team engagements often require operators to collect user information from various sources that can then be translated into inputs to support social engineering […]
John Strand // I have quite a few calls with customers who do not know where to begin when it comes to application whitelisting. Often, the approach some organizations take […]
John Strand // In this blog, I want to walk through how we can set up Sysmon to easily get improved logging over what we get from normal (and just […]
TJ Nicholls // *BHIS Guest Contributor TL;DR How many times have you had to parse the same output from a tool? Wouldn’t you like to get that time back? There […]
Brian B. King // This is a companion post to BBKing’s “Hack for Show, Report for Dough” report, given at BSides Cleveland in June 2019. The fun part of pentesting is […]
This webcast was originally given live on June 5th, 2019 by John Strand and the BHIS (card) Testers. How To Play! download and print a pdf version of “how to […]
Mike Felch// How to Purge Google and Start Over – Part 1 Brief Recap In part 1, we discussed a red team engagement that went south when the Google SOC […]