The “P” in PAM is for Persistence: Linux Persistence Technique
Learn about a pentesting tool using the Pluggable Authentication Module for privilege escalation, lateral movement, and persistence in Linux.
Red Team
Social Engineering and Microsoft SSPR: The Road to Pwnage is Paved with Good IntentionsÂ
This scenario simultaneously tests identity confirmation tooling (SSPR, MFA, Conditional Access), how users act under pressure, and the organization’s ability to detect and follow-up on social engineering attacks.
The Curious Case of the Comburglar
By Troy Wojewoda During a recent Breach Assessment engagement, BHIS discovered a highly stealthy and persistent intrusion technique utilized by a threat actor to maintain Command-and-Control (C2) within the client’s […]
Why You Got Hacked – 2025 Super Edition
This article was written to provide readers with an overview of a selection of our pentest results from the last 15 months. This data was gathered toward the end of September 2025. Shockingly, the data does not differ much from our prior analyses conducted at the end of 2022 or 2023.
GoSpoof – Turning Attacks into IntelÂ
Imagine this: You’re an attacker ready to get their hands on valuable data that you can sell to afford going on a sweet vacation. You do your research, your recon, everything, ensuring that there’s no way this can go wrong. The day of the attack, you brew some coffee, crack your knuckles, and get started. A few hours into the service scan, you come to realize that all the network ports are open, but in use.
DomCat: A Domain Categorization Tool
DomCat is a command-line tool written in Golang that helps the user find expired domains with desirable categorizations.
Default Web Content
Whether it’s forgotten temporary files, installation artifacts, READMEs, or even simple image files–default content on web servers can turn into a boon for attackers. In the most innocent of cases, these types of content can let attackers know more about the tech stack of the environment, and in the worst case scenario can lead to exploitation.
Bypassing CSP with JSONP: Introducing JSONPeek and CSP B Gone
A Content Security Policy (CSP) is a security mechanism implemented by web servers and enforced by browsers to prevent various types of attacks, primarily cross-site scripting (XSS). CSP works by restricting resources (scripts, stylesheets, images, etc.) on a webpage to only execute if they come from approved sources. However, like most things in security, CSP isn’t bulletproof.
Offensive Tooling Cheatsheets: An Infosec Survival Guide Resource
An Infosec Survival Guide Resource, released as blog posts, with fully designed, printer-friendly PDF cheatsheets.