HTOC
Traditional detection methods are failing. Breach after breach, incident after incident, it is becoming clearer that attackers have a firm understanding of the industry-standard detection methods such as AV and IDS […]
Search Results for: RITA
Webcast: How to Prepare Before the Compromise
Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_HowtoPrepareBeforeCompromise.pdf 00:40 Intro, background information, how to deal with […]
Do You Know If Your DNS Server Can Be Used For DDoS Attacks?
Melissa Bruno // So you have an Internet-facing DNS server. Maybe you decided to set one up at home for fun, or your company has one that works with other […]
Analyzing ARP to Discover & Exploit Stale Network Address Configurations
Justin Angel// Introduction In penetration testing, ARP is most commonly discussed in terms of poisoning attacks where an attacker achieves a man-in-the-middle (MITM) position between victim nodes by contaminating the […]
Tap Into Your Valuable DNS Data
Joff Thyer // The Domain Name System (DNS) is the single most important protocol on the Internet. The distributed architecture of DNS name servers and resolvers has resulted in a […]
Webcast: Attack Tactics 6! Return of the Blue Team
Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics6ReturnofBlueTeam.pdf In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed […]
PODCAST: What Is a Red Team, Anyway?
Dakota Nelson // Dakota talks about the pentester pyramid of pain and the different types of tests available from an information security firm. See his slides here: https://blackhillsinformationsecurity.shootproof.com/gallery/7404264/ Extra links & […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Offensive SPF: How to Automate Anti-Phishing Reconnaissance Using Sender Policy Framework
Kent Ickler // TL;DR: This post describes the process of building an active system to automatically recon SPF violations. Disclaimer: There are parts of this build that might not be legal […]
How To Disable LLMNR & Why You Want To
Kent Ickler // Link-Local Multicast Name Resolution (LLMNR) This one is a biggie, and you’ve probably heard Jordan, John, me, and all the others say it many many times. LLMNR […]