In this video, Kent Ickler and Jordan Drysdale discuss Attack Tactics 9: Shadow Credentials for Primaries, focusing on a specific technique used in penetration testing services at Black Hills Information Security
The post Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan appeared first on Black Hills Information Security, Inc..
by Jordan Drysdale and Kent Ickler tl;dr: BHIS does a lot of penetration testing in both traditional and continuous penetration testing (CPT) formats. This top ten style list was derived [β¦]
The post The Top Ten List of Why You Got Hacked This Year (2023/2024)Β appeared first on Black Hills Information Security, Inc..
Kent Ickler // Itβs been over two years since Jordan and I talked about a Blue Teamβs perspective on Red Team tools.Β Β A Blue Teamβs Perspective on Red Team Hack [β¦]
The post PlumHound Reporting Engine for BloodHoundAD appeared first on Black Hills Information Security, Inc..
Kent Ickler // Background BHIS uses several tools for monitoring infrastructure. One of the most important tools for us that helps monitor systems health is Zabbix. Itβs been a while [β¦]
The post Zabbix Templates for Security Analysts and Systems Administrators β EOY 2021 appeared first on Black Hills Information Security, Inc..
Kent Ickler // Background Over four years ago now, I wrote a blog post on fixing missing Content-Security-Policy by updating configuration on webservers: https://www.blackhillsinfosec.com/fix-missing-content-security-policy-website/. Content-Security-Policies instruct a userβs web browser [β¦]
The post Fixing Content-Security-Policies with Cloudflare Workers appeared first on Black Hills Information Security, Inc..
Kent Ickler // Because, you knowβthat should be a thing.Β TL;DR:Β Donβt run the UnifiΒ Controller on a laptop in the closet.Β Β Β BACKGROUNDΒ UbiquitiβsΒ Unifi controller is a network device, or software [β¦]
The post Hacking Unifi Controller Passwords for Fun and WIFI appeared first on Black Hills Information Security, Inc..
Jordan and Kent have heard from a lot of people that the past Black Hills Information Security (BHIS) webcasts: βGroup Policies That Kill Kill Chainsβ and βActive Directory Best Practices [β¦]
The post Webcast: The Quest for the Kill Chain Killer Continues appeared first on Black Hills Information Security, Inc..
Kent Ickler // TL;DR Want a quick fix?Β Almost every marketing platform weβve seen has decent tutorials on authorizing outbound email with SPF and DKIM authorization. If youβre a marketing [β¦]
The post How SPF, DKIM, and DMARC Authentication Works to Increase Inbox Penetration (Testing) Rates appeared first on Black Hills Information Security, Inc..
Jordan Drysdale & Kent Ickler // tl;dr Ubuntu base OS, install AZCLI, unpack terraform, gather auth tokens, run script, enjoy new domain.Β https://github.com/DefensiveOrigins/APT-Lab-Terraform For those of you who have been [β¦]
The post How To: Applied Purple Teaming Lab Build on Azure with Terraform (Windows DC, Member, and HELK!) appeared first on Black Hills Information Security, Inc..
Jordan Drysdale & Kent Ickler // Jordan and Kent are back again to continue strengthening organizationsβ information security human capital (Thatβs all you folks!). Organization Leadership and Security Practitioners can [β¦]
The post Webcast: Atomic Purple Team Framework and Life Cycle appeared first on Black Hills Information Security, Inc..
Jordan Drysdale & Kent Ickler // TL;DR Look for links, download them. Look for GPOs, import them. Look for screenshots, for guidance. Sysmon + Windows Audit Policies + Event Collectors [β¦]
The post How To Deploy Windows Optics: Commands, Downloads, Instructions, and Screenshots appeared first on Black Hills Information Security, Inc..
Kent and Jordan are back to continue their journey to make the world a better place. This time around, they will be reviewing a series of tools commonly used on [β¦]
The post Webcast: A Blue Teamβs Perspective on Red Team Hack Tools appeared first on Black Hills Information Security, Inc..
Do you know what your attackers know? Thereβs a good chance you know, but you might not be aware of just how much information can be found historically and in [β¦]
The post Webcast: Enterprise Recon For Purple Teams appeared first on Black Hills Information Security, Inc..
BHISβ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, weβve come to the realization that some of our dedicated [β¦]
The post Webcast: Letβs Talk About ELK Baby, Letβs Talk About You and AD appeared first on Black Hills Information Security, Inc..
On this webcast, weβll guide you through an iterative process of building and deploying effective and practical Group Policy Objects (GPOs) that increase security posture. Slides for this webcast can [β¦]
The post Webcast: Group Policies That Kill Kill Chains appeared first on Black Hills Information Security, Inc..
Download slides:Β https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded [β¦]
The post Podcast: Attack Tactics 6! Return of the Blue Team appeared first on Black Hills Information Security, Inc..
Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics6ReturnofBlueTeam.pdf In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed [β¦]
The post Webcast: Attack Tactics 6! Return of the Blue Team appeared first on Black Hills Information Security, Inc..
Timecode links take you to YouTube: 4:11 β Infrastructure & Background8:28 β Overview & Breakdown of Attack Methodology and Plans11:35 β Start of Attack (Gaining Access), Password Spraying Toolkit15:24 β [β¦]
The post Webcast: Attack Tactics 5 β Zero to Hero Attack appeared first on Black Hills Information Security, Inc..
Over the past few months, we have discovered a couple trends that organizations seem to be missing. No silver bullets, just some general vulnerability issues we are seeing again and [β¦]
The post PODCAST: Blue Team-Apalooza appeared first on Black Hills Information Security, Inc..
Kent Ickler & Jordan Drysdale // Preface We had a sysadmin and security professional βAAβ meeting on November 8, 2018. We met and discussed things that seem to be painfully [β¦]
The post WEBCAST: Blue Team-Apalooza appeared first on Black Hills Information Security, Inc..
Login