Red Team

Author, Beau Bullock, Mike Felch, Red Team Tools, Webcasts Azure, Azure Active Directory, RDP, RDP logging Bypass, webcast

WEBCAST: RDP Logging Bypass and Azure Active Directory Recon

For this webcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate […]

Read the entire post here

Author, Blue Team, Jordan Drysdale, Red Team BlueTeam, Cisco, External Pentest, internal pentest, Inventory, Jordan Drysdale, Nessus, RedTeam, SIET

Cisco Smart Install Escalation and Update!

Jordan Drysdale// tl;dr Both Cisco and Nessus have escalated the Smart Install Client Service feature/vulnerability. Nessus is now reporting the Smart Install RCE as critical. High five!!! Cisco has also […]

Read the entire post here

Author, John Strand, Podcasts, Red Team Tools podcast, Podcasts, top tools

PODCAST: BHIS Sorta Top Used Tools of 2018

In this webcast we cover some of the core tools we use all the time at Black Hills Information Security. However, there’s a twist. We don’t talk about Nessus, Nmap, […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, John Strand, Red Team Tools, Webcasts tools, top tools, webcast, webcasts

WEBCAST: BHIS Sorta Top Used Tools of 2018

John Strand// In this webcast we cover some of the core tools we use all the time at Black Hills Information Security. However, there’s a twist. We don’t talk about […]

Read the entire post here

C2, How-To, Red Team C2, C2 over ICMP, command and control, ICMP, Internet Control Message Protocol, Red Team

How To: C2 Over ICMP

Darin Roberts // In previous blogs, I have shown how to get various C2 sessions. In this blog, I will be showing how to do C2 over ICMP. First, what […]

Read the entire post here

Author, Informational, Joff Thyer, Red Team Dropbox, Man-in-the-Middle, MITM, penetration tester, pentest, pentesting dropbox

Pentesting Dropbox on Steroids

Joff Thyer// Many of you have probably already looked at Beau Bullock’s fine blog entry on a penetration testing dropbox. Beau has some excellent guidance on how to build the […]

Read the entire post here

Author, Blue Team, External/Internal, Finding, Jordan Drysdale, Red Team BlueTeam, Cisco, External Pentest, internal pentest, Inventory, Jordan Drysdale, Nessus, RedTeam, SIET

Cisco Smart Installs and Why They’re Not “Informational”

Jordan Drysdale // tl;dr Cisco Smart Install is awesome (on by default)…for hackers… not sysadmins. So, you Nessus too? Criticals and highs are all that matter! Right??? Until this beauty […]

Read the entire post here

Author, Jordan Drysdale, Phishing, Red Team, Wireless brief how-to’s, eaphammer, hacking, hostapd-wpe, Jordan Drysdale, Python, rogue.py, Wireless, wireless phishing

Wireless Hack Packages Update

Jordan Drysdale// With Wild West Hackin’ Fest 2018 coming up (!!!), here’s a preview of some things you might see in the wireless labs. First, s0lst1c3’s eaphammer. @relkci and I […]

Read the entire post here

Author, Joff Thyer, Mobile, Red Team Android, Android APK, meterpreter, mobile apps, pentest, Red Team

Embedding Meterpreter in Android APK

Joff Thyer// Mobile is everywhere these days. So many applications in our daily life are being migrated towards a cloud deployment whereby the front end technology is back to the […]

Read the entire post here

«‹ 18 19 20 21 ›»