PODCAST: Attack Tactics Part 3: No Active Directory? No Problem!

John Strand talks about how BHIS pen tests companies who use the cloud. Want to know how you can defend against attacks in your cloud infrastructure? Keep your eyes peeled for part 4!

Links:

Slides for this webcast can be found here, along with the full video

Chris Truncer’s GitHut: EyeWitness

Chris’s user guide to EyeWitness

BB King adds, “If someone’s asking about EyeWitness, point them at the Docker-ized version. It can be finicky about installation, and will drive you up a fargin’ wall.”

Shodan

Carrie’s Blog about scraping creds from LinkedIn

Mike & Beau’s Wild West Hackin’ Fest talk about how to insert malicious gCal events:

(click here for blog)