HTOC
Traditional detection methods are failing. Breach after breach, incident after incident, it is becoming clearer that attackers have a firm understanding of the industry-standard detection methods such as AV and IDS […]
Traditional detection methods are failing. Breach after breach, incident after incident, it is becoming clearer that attackers have a firm understanding of the industry-standard detection methods such as AV and IDS […]
Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_HowtoPrepareBeforeCompromise.pdf 00:40 Intro, background information, how to deal with […]
Melissa Bruno // So you have an Internet-facing DNS server. Maybe you decided to set one up at home for fun, or your company has one that works with other […]
Justin Angel// Introduction In penetration testing, ARP is most commonly discussed in terms of poisoning attacks where an attacker achieves a man-in-the-middle (MITM) position between victim nodes by contaminating the […]
Joff Thyer // The Domain Name System (DNS) is the single most important protocol on the Internet. The distributed architecture of DNS name servers and resolvers has resulted in a […]
Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics6ReturnofBlueTeam.pdf In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed […]
Dakota Nelson // Dakota talks about the pentester pyramid of pain and the different types of tests available from an information security firm. See his slides here: https://blackhillsinformationsecurity.shootproof.com/gallery/7404264/ Extra links & […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Kent Ickler // TL;DR: This post describes the process of building an active system to automatically recon SPF violations. Disclaimer: There are parts of this build that might not be legal […]
Kent Ickler // Link-Local Multicast Name Resolution (LLMNR) This one is a biggie, and you’ve probably heard Jordan, John, me, and all the others say it many many times. LLMNR […]