PODCAST: Attack Tactics Part 3: No Active Directory? No Problem!

John Strand talks about how BHIS pen tests companies who use the cloud. Want to know how you can defend against attacks in your cloud infrastructure? Keep your eyes peeled for part 4!

Links:

Slides for this webcast can be found here, along with the full video

Chris Truncer’s GitHut: EyeWitness

Chris’s user guide to EyeWitness

BB King adds, “If someone’s asking about EyeWitness, point them at the Docker-ized version. It can be finicky about installation, and will drive you up a fargin’ wall.”

Shodan

Carrie’s Blog about scraping creds from LinkedIn

Mike & Beau’s Wild West Hackin’ Fest talk about how to insert malicious gCal events:

(click here for blog)



Want to level up your skills and learn more straight from John himself?
You can check out his classes below!

SOC Core Skills

Active Defense & Cyber Deception

Getting Started in Security with BHIS and MITRE ATT&CK

Introduction to Pentesting

Available live/virtual and on-demand