Black Hills Information Security, Inc.
RSS
  • All Services
    • Complete Service Guide
    • Active SOC
    • AI Security Assessments
    • Blockchain Security
    • Blue Team Services
    • Continuous Penetration Testing
    • High-Profile Risk Assessments
    • Incident Response
    • Penetration Testing
  • Contact Us
    • Contact Us
    • Email Sign-Up
  • About Us
    • Security Consultants
    • Admin
    • SOC Team
    • BHIS Family of Companies
  • Free Resources
    • Blogs
    • Free Cybersecurity Tools
    • Free Cybersecurity Webcasts
    • Podcasts
    • RITA
  • Training
    • BHIS & Antisyphon Training
    • WWHF Conference
  • Online Community
    • Discord
    • LinkedIn
    • YouTube
    • Bluesky
    • Twitter/X
    • Upcoming Events
  • Fun Stuff
    • Backdoors & Breaches
    • Merch, Zines & More
    • PROMPT# Zine
    • REKCAH
    • Books

Credential Stuffing

Attack Tool(s): CredMaster, Burp Suite, Hashcat, Hydra

  • CredMaster: https://github.com/knavesec/CredMaster
  • Burp Suite: https://portswigger.net/burp
  • Hashcat: https://hashcat.net/hashcat/
  • Hydra: https://github.com/vanhauser-thc/thc-hydra

Detection Link(s):

  • Server Analysis
  • User and Entity Behavior Analytics (UEBA)
  • Cloud Event Log Analysis
  • Security Information and Event Management (SIEM) Log Analysis

Helpful Blogs (BHIS):

  • “Running Hashcat on Ubuntu” – https://www.blackhillsinfosec.com/running-hashcat-on-ubuntu-18-04-server-with-1080ti – Hashcat setup.
  • “Using Simple Burp Macros” – https://www.blackhillsinfosec.com/using-simple-burp-macros-to-automate-testing – Burp Suite tips.
BNB_CARDS_v3_10
Back to top
Black Hills Information Security, Inc.

890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447)
© 2008


About Us | BHIS Tribe of Companies | Privacy Policy | Contact

Links
Search the site