Getting Started In Pentesting – Advice From The BHIS Pentest Lead
Advice about getting started in pentesting from the BHIS pentest lead, including a learning path and why you should go all in on offensive security skills.
Pentesting
Bypassing WAFs Using Oversized Requests
Many web application firewalls (WAFs) can be bypassed by simply sending large amounts of extra data in the request body along with your payload. Most WAFs will only process requests up to a certain size limit. How the WAF is configured to handle these large requests determines exploitability, but some common WAFs will allow it by default.
Augmenting Penetration Testing Methodology with Artificial Intelligence – Part 3: Arcanum Cyber Security Bot
In my journey to explore how I can use artificial intelligence to assist in penetration testing, I experimented with a security-focused chat bot created by Jason Haddix called Arcanum Cyber Security Bot (available on https://chatgpt.com/gpts). Jason engineered this bot to leverage up-to-date technical information related to application security and penetration testing.
Augmenting Penetration Testing Methodology with Artificial Intelligence – Part 2: Copilot
A common use case for LLMs is rapid software development. One of the first ways I used AI in my penetration testing methodology was for payload generation.
Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan
In this video, Kent Ickler and Jordan Drysdale discuss Attack Tactics 9: Shadow Credentials for Primaries, focusing on a specific technique used in penetration testing services at Black Hills Information Security
Intro to Desktop Application Testing Methodology
In this video, experts delve into the intricacies of desktop application penetration testing methodologies.
What Is Penetration Testing?
In today’s world, security is more important than ever. As organizations increasingly rely on technology to drive business, digital threats are becoming more sophisticated, varied, and difficult to defend against. […]
Pentesting, Threat Hunting, and SOC: An Overview
By Ray Van Hoose, Wade Wells, and Edna Jonsson || Guest Authors This post is comprised of 3 articles that were originally published in the second edition of the InfoSec […]
Shenetworks Recommends: 9 Must Watch BHIS YouTube Videos
shenetworks // The Black Hills Information Security YouTube channel has over 400 videos available. Over the past year, I have attended many webcasts and explored plenty of the videos. I […]