Hide Payload in MS Office Document Properties
Carrie Roberts* // Can you think of a reason why you might want to put a lengthy comment into the properties of an MS Office document? If you can, then […]
Pentesting
WEBCAST: CredDefense Toolkit
Beau Bullock, Brian Fehrman, & Derek Banks // Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is a bit unique, there’s a typical path […]
End-Point Log Consolidation with Windows Event Forwarder
Derek Banks // I want to expand on our previous blog post on consolidated endpoint event logging and use Windows Event Forwarding and live off the Microsoft land for shipping […]
The CredDefense Toolkit
Derek Banks, Beau Bullock, & Brian Fehrman // Our clients often ask how they could have detected and prevented the post-exploitation activities we used in their environment to gain elevated […]
Towards a Quieter Firefox
Brian King // On a recent webapp test, I got a little frustrated with all the extra HTTP requests showing up in my Burpsuite Proxy History from connections that Firefox […]
Domain Goodness – How I Learned to LOVE AD Explorer
Sally Vandeven // OR How to Pentest with AD Explorer! Mark Russinovich’s Sysinternals tools (Microsoft) are nothing new. They have been a favorite among system administrators for many, many years. […]
How to Use Nmap with Meterpreter
Brian Fehrman // You’ve sent your phishing ruse, the target has run the Meterpreter payload, and you have shell on their system. Now what? If you follow our blogs, you […]
Web Server Screenshots with a Single Command
Carrie Roberts // EyeWitness is a handy tool developed by Chris Truncer for grabbing web browser screenshots from a list of URLs. Especially handy for pen-testers is its ability to create […]
How to Bypass Web-Proxy Filtering
Brian Fehrman // Someone recently posed a question to BHIS about creating C2 channels in environments where heavily restrictive egress filtering is being utilized. Testers at BHIS, and in the […]