If you’ve been on a website and noticed one of the following features, there’s a good chance you’ve stumbled upon a hot spot for server-side request forgery (SSRF) bugs:  Before […]

The post Hunting for SSRF Bugs in PDF Generators  appeared first on Black Hills Information Security, Inc..

I previously blogged about spoofing Microsoft 365 using the direct send feature enabled by default when creating a business 365 Exchange Online instance (https://www.blackhillsinfosec.com/spoofing-microsoft-365-like-its-1995/). Using the direct send feature, it […]

The post Spamming Microsoft 365 Like It’s 1995  appeared first on Black Hills Information Security, Inc..

Being a digital forensics and incident response consultant is largely about unanswered questions. When we engage with a client, they know something bad happened or is happening, but they are […]

The post OSINT for Incident Response (Part 1) appeared first on Black Hills Information Security, Inc..

tl;dr  Implement this ACL using whatever network gear, cloud ACL config, or uncomplicated firewall you use to protect your networks. Our IOT devices are on 10.99.99.0/24 for this example. Also, […]

The post The Simplest and Last Internet-Only ACL You’ll Ever Need  appeared first on Black Hills Information Security, Inc..

The internet is a product of a global group effort to build an interoperable network connecting billions of devices, regardless of country, region, or manufacturer. That effort yielded hundreds of […]

The post Unpacking the Packet: Demystifying the Internet Protocol appeared first on Black Hills Information Security, Inc..

| Alyssa Snow In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation […]

The post Abusing Active Directory Certificate Services (Part 3) appeared first on Black Hills Information Security, Inc..

| Ethan Robish It’s been nearly a year since Lastpass was breached and users’ encrypted vaults were stolen.  I had already migrated to a different password manager for all my […]

The post Rotating Your Passwords After a Password Manager Breach appeared first on Black Hills Information Security, Inc..

| Sean Verity Do you have a bunch of MFA apps on your phone that leave you feeling like you can’t put your arms down? Or maybe all those MFA […]

The post Opt for TOTP to Deal With MFA App Sprawl appeared first on Black Hills Information Security, Inc..

By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and […]

The post Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365 appeared first on Black Hills Information Security, Inc..

Hayden Covington // Phishing is an ever-present threat, but lately, user education and spam filters have helped mitigate some of that threat. But what happens when a phish makes it […]

The post Stop Phishing Yourself: How Auto-Forwarding and Exchange Contacts Can Stab You in the Back appeared first on Black Hills Information Security, Inc..

Patterson Cake // PART 1 PART 2 In part one of “Wrangling the M365 UAL,” we talked about acquiring, parsing, and querying UAL data using PowerShell and SOF-ELK. In part […]

The post Wrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3) appeared first on Black Hills Information Security, Inc..

Patterson Cake // In PART 1 of “Wrangling the M365 UAL,” we talked about the value of the Unified Audit Log (UAL), some of the challenges associated with acquisition, parsing, […]

The post Wrangling the M365 UAL with SOF-ELK on EC2 (Part 2 of 3) appeared first on Black Hills Information Security, Inc..

Patterson Cake // When it comes to M365 audit and investigation, the “Unified Audit Log” (UAL) is your friend. It can be surly, obstinate, and wholly inadequate, but your friend […]

The post Wrangling the M365 UAL with PowerShell and SOF-ELK (Part 1 of 3) appeared first on Black Hills Information Security, Inc..

Hey, Campers! It’s that time of year again. The smell of 0-day in the air. Charlatans roasting by the pyre. Old friends and new gather in one of the worst […]

The post Join Us for Camp BHIS @ DEF CON 31  appeared first on Black Hills Information Security, Inc..

Troy Wojewoda // In honor of Shark Week1, I decided to write this blog to demonstrate various techniques I’ve found useful when analyzing network traffic with Wireshark, as well as […]

The post Welcome to Shark Week: A Guide for Getting Started with Wireshark and TShark appeared first on Black Hills Information Security, Inc..

Serena DiPenti // Buckle up for this one because I’m about to give you A LOT of information. As someone who works in tech and creates tech content, I am […]

The post Shenetworks’ Guide to Landing Your First Tech Job appeared first on Black Hills Information Security, Inc..

Joseph Kingstone // Are you assigned a physical penetration test and want to fly under the radar and meet all of your objectives like the elite hacker you are? Stick around […]

The post If You Don’t Ruse, You Lose: A Simple Guide to Blending in While Breaking In  appeared first on Black Hills Information Security, Inc..

shenetworks // The Black Hills Information Security YouTube channel has over 400 videos available. Over the past year, I have attended many webcasts and explored plenty of the videos. I […]

The post Shenetworks Recommends: 9 Must Watch BHIS YouTube Videos appeared first on Black Hills Information Security, Inc..

Mobile App Testing is a category showing no signs of slowing down. In this video, BHIS tester Cameron Cartier walks us through linking Genymotion to Burp Suite for traffic monitoring. […]

The post Genymotion – Proxying Android App Traffic Through Burp Suite | Cameron Cartier appeared first on Black Hills Information Security, Inc..

Carrie Roberts // Guest Blog OK, I admit it: I might have a problem. But seriously, can you ever really have enough screen space? In this blog post, I’ll describe […]

The post Got Enough Monitors? appeared first on Black Hills Information Security, Inc..