Why Do Car Dealers Need Cybersecurity Services?Â
Tom Smith // At Black Hills Information Security (BHIS), we deal with all manner of clients, public and private. Until a month or two ago, though, we’d never dealt with […]
penetration testing
Start to Finish: Configuring an Android Phone for Pentesting
Jeff Barbi // *Guest Post Background Unless you’re pentesting mobile apps consistently, it’s easy for your methodologies to fall out of date. Each new version of Android brings with it […]
Webcast: Sacred Cash Cow Tipping 2019
John Strand // Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of […]
Performing a Physical Pentest? Bring This!
Jordan Drysdale// Physical Pentest Upcoming? Bring a Badgy. While badge reproduction may not be the intended use of this product, if you are a physical tester and you don’t own […]
Digging Deeper into Vulnerable Windows Services
Brian Fehrman // Privilege escalation is a common goal for threat actors after they have compromised a system. Having elevated permissions can allow for tasks such as: extracting local password-hashes, […]
A Morning with Cobalt Strike & Symantec
Joff Thyer // If you have been penetration testing a while, you likely have ended up in a Red Team situation or will be engaged in it soon enough. From […]
How to Build a C2 Infrastructure with Digital Ocean – Part 1
Lee Kagan* // Deploying an offensive infrastructure for red teams and penetration tests can be repetitive and complicated. One of my roles on our team is to build-out and maintain […]
Web Server Screenshots with a Single Command
Carrie Roberts // EyeWitness is a handy tool developed by Chris Truncer for grabbing web browser screenshots from a list of URLs. Especially handy for pen-testers is its ability to create […]
1 2