Dakota Nelson// Cross Origin Request Sharing (CORS) is complicated, and that complexity creates a lot of places where security vulnerabilities can sneak in. This article will give you a “lite” overview of CORS, with a focus on security vulnerabilities that we see most frequently on tests. This isn’t intended to be a full CORS primer […]
Matthew Toussain// Join Matt Toussain as he talks about Mailsniper, a tool written by our very own Beau Bullock. Wouldn’t you like to START your pen tests knowing every username for all the individuals in your target environment? Gmail, G Suite, Outlook Web Access, Exchange Web Services… Email. A divine gift issued to hackers with […]
Kent R. Ickler// It seemed like we were always cross-referencing the Hashcat Wiki or help file when working with Hashcat. We needed things like specific flags, hash examples, or command syntax. We’ve generated a Hashcat Cheat Sheet for quick reference that may save you a bunch of time if you’re often reaching out to […]
John Strand // John is starting a new series of webcasts called Attack Tactics. This first part is a step-by-step walk-through of an attack BHIS launched against a customer, with just a few obfuscating tweaks. He covers the tools, how we used them and any other tricks we had to pull out for the attack. […]
Kent Ickler and Derrick Rauch* // Sun Protection Factor Err… wait a second. Sender Policy Framework Ladies and Gentlemen of the class of 1997, Wear Sunscreen…I will dispense my advice, now: “ Email “forging” exists in the web today, thanks @ustayready. Sender Policy Framework (SPF) was created with origins back in 2005 (RFC 4408) with more […]
Darin Roberts// If you have been in the security field for any length of time at all you have heard the term C2. You might have heard it also called C&C or Command and Control. I will refer to it as C2 as here at BHIS, that is what we do. Some of you might […]
Kent Ickler// TLDR: We use a custom dictionary to crack Microsoft Office document encryption. Then we use a custom dictionary for pwnage in LinkedIn hash database. Background: I recently got a couple of questions about a better way to crack encrypted Excel files. The question came from BHIS’s extended community who is using commercial password-recovery […]
BB King// BB King looks at testing modern web apps in that “enterprise environment” so many of us inhabit. Taking the perspective of the Lonely Application Security Person in an organization that may not shower you with cash and resources, we look at some free tools, some relatively cheap tools that do awesome things, and […]
Joff Thyer// Black Hills Information Security loves performing both internal penetration tests, as well as command and control testing for our customers. Thanks to the efforts of many great researchers in the industry, we are lucky enough to escalate privileges in many environments, laterally move, and demonstrate access to sensitive data. As a penetration tester, […]
