How to Evade Application Whitelisting Using REGSVR32
Joff Thyer // I was recently working on a Red Team for a customer that was very much up to date with their defenses. This customer had tight egress controls, […]
Joff Thyer // I was recently working on a Red Team for a customer that was very much up to date with their defenses. This customer had tight egress controls, […]
Robert Schwass*// Last week I was asked twice in one day if I knew what XML External Entity (XXE) Vulnerabilities were. Maybe they are making a comeback in mainstream security […]
Carrie Roberts // EyeWitness is a handy tool developed by Chris Truncer for grabbing web browser screenshots from a list of URLs. Especially handy for pen-testers is its ability to create […]
Brian Fehrman // Someone recently posed a question to BHIS about creating C2 channels in environments where heavily restrictive egress filtering is being utilized. Testers at BHIS, and in the […]
Jordan Drysdale, victim // Kent Ickler, adversary // In this post, our victim locks their computer and heads out for a coffee refill. The adversary smashes through all system and […]
Beau Bullock // Overview HostRecon is a tool I wrote in PowerShell to assist with quickly enumerating a number of items that I would typically check after gaining access to […]
Sally Vandeven // All of the BHIS testers are pretty geeked about Hak5’s newest toy — the Bash Bunny. Last week, Jordan blogged about the USB Exfiltration payload. Today I […]
Jordan Drysdale // This is a super quick write-up on the first very useful payload we tested and confirmed as 100% reliable on all Windows systems (XP-SP3+) with PowerShell enabled. […]
Derek Banks // As pentesters, it is probably not a surprise that we tend to make fairly heavy use of Kali Linux on a fairly regular basis. The folks at Offensive […]