Using Burp with ProxyCannon
Carrie Roberts // ProxyCannon is an amazing tool for automatically routing your traffic through multiple cloud servers to diversify the source IP addresses of your traffic. (Thank you #_shellIntel). As […]
Carrie Roberts // ProxyCannon is an amazing tool for automatically routing your traffic through multiple cloud servers to diversify the source IP addresses of your traffic. (Thank you #_shellIntel). As […]
Sally Vandeven // Back in November Beau Bullock wrote a blog post describing how his awesome PowerShell tool MailSniper can sometimes bypass OWA portals to get mail via EWS if […]
Sally Vandeven & the BHIS Team // I was recently on an assessment where I was able to grab all the password hashes from the domain controller. When I extracted the hashes and […]
Jordan Drysdale // Sally and I recently ventured to an on-site wireless engagement with a very security-mature customer. Long story short, the level of protection that WPA2 Enterprise with certificate validation provides […]
Sierra Ward* // Normally I am hidden in the back rooms at BHIS, chipping away at 10 million marketing tasks. I show up occasionally in webcasts, lurking again in the shadows, […]
Brian B. King // Red Teaming is one of those terms popping up all over the place lately, and it seems to mean different things to different people. Is it […]
Heather Doerges // Of all the services we offer at BHIS, Social Engineering is the most interesting to me. It’s something (and quite possibly the only thing) I completely understand […]
Carrie Roberts & Chevy Swanson // How do we make sure people open up our malicious files and execute them? We simply let Microsoft work for years and years to gain […]
Carrie Roberts // In information security, what is the difference between a vulnerability assessment and a penetration test? A penetration test is a vulnerability assessment with the addition of exploitation […]