Blog - Black Hills Information Security, Inc. blackhillsinfosec.com

Initial Access Operations Part 1: The Windows Endpoint Defense Technology Landscape

blackhillsinfosec.com·119w119 weeks ago

Actions for Initial Access Operations Part 1: The Windows Endpoint Defense Technology Landscape

Hacking with Hydra

blackhillsinfosec.com·120w120 weeks ago

Actions for Hacking with Hydra

Revisiting Insecure Direct Object Reference (IDOR)

blackhillsinfosec.com·121w121 weeks ago

Actions for Revisiting Insecure Direct Object Reference (IDOR)

Bypass NTLM Message Integrity Check - Drop the MIC

blackhillsinfosec.com·122w122 weeks ago

Actions for Bypass NTLM Message Integrity Check - Drop the MIC

Testing TLS and Certificates

blackhillsinfosec.com·123w123 weeks ago

Actions for Testing TLS and Certificates

Rooting For Secrets with TruffleHog

blackhillsinfosec.com·124w124 weeks ago

Actions for Rooting For Secrets with TruffleHog

Hunting for SSRF Bugs in PDF Generators

blackhillsinfosec.com·125w125 weeks ago

Actions for Hunting for SSRF Bugs in PDF Generators

Better Together: Real Time Threat Detection for Kubernetes with Atomic Red Tests & Falco

blackhillsinfosec.com·126w126 weeks ago

Actions for Better Together: Real Time Threat Detection for Kubernetes with Atomic Red Tests & Falco

Spamming Microsoft 365 Like It’s 1995

blackhillsinfosec.com·129w129 weeks ago

Actions for Spamming Microsoft 365 Like It’s 1995

OSINT for Incident Response (Part 1)

blackhillsinfosec.com·130w130 weeks ago

Actions for OSINT for Incident Response (Part 1)

The Simplest and Last Internet-Only ACL You’ll Ever Need

blackhillsinfosec.com·131w131 weeks ago

Actions for The Simplest and Last Internet-Only ACL You’ll Ever Need

Unpacking the Packet: Demystifying the Internet Protocol

blackhillsinfosec.com·133w133 weeks ago

Actions for Unpacking the Packet: Demystifying the Internet Protocol

Abusing Active Directory Certificate Services (Part 3)

blackhillsinfosec.com·134w134 weeks ago

Actions for Abusing Active Directory Certificate Services (Part 3)

Rotating Your Passwords After a Password Manager Breach

blackhillsinfosec.com·135w135 weeks ago

Actions for Rotating Your Passwords After a Password Manager Breach

Opt for TOTP to Deal With MFA App Sprawl

blackhillsinfosec.com·136w136 weeks ago

Actions for Opt for TOTP to Deal With MFA App Sprawl

Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365

blackhillsinfosec.com·137w137 weeks ago

Actions for Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365

Abusing Active Directory Certificate Services (Part 2)

blackhillsinfosec.com·138w138 weeks ago

Actions for Abusing Active Directory Certificate Services (Part 2)

Abusing Active Directory Certificate Services (Part 1)

blackhillsinfosec.com·139w139 weeks ago

Actions for Abusing Active Directory Certificate Services (Part 1)

Stop Phishing Yourself: How Auto-Forwarding and Exchange Contacts Can Stab You in the Back

blackhillsinfosec.com·141w141 weeks ago

Actions for Stop Phishing Yourself: How Auto-Forwarding and Exchange Contacts Can Stab You in the Back

Wrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3)

blackhillsinfosec.com·143w143 weeks ago

Actions for Wrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3)

Log in to enable infinite scrolling