Volatility is a memory forensics tool that can pull SAM hashes from a vmem file. These hashes can be used to escalate from a local user or no user to a domain user leading to further compromise.
The post Offline Memory Forensics With Volatility appeared first on Black Hills Information Security, Inc..
In this video, Ethan Robish discusses the fundamentals and intricacies of data analytics using SQL.
The post Intro to Data Analytics Using SQL appeared first on Black Hills Information Security, Inc..
Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs [β¦]
The post Geopolitical Cyber-Detection Lures for Attribution with Microsoft SentinelΒ appeared first on Black Hills Information Security, Inc..
Jordan Drysdale & Kent Ickler // TL;DR Look for links, download them. Look for GPOs, import them. Look for screenshots, for guidance. Sysmon + Windows Audit Policies + Event Collectors [β¦]
The post How To Deploy Windows Optics: Commands, Downloads, Instructions, and Screenshots appeared first on Black Hills Information Security, Inc..
Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics7LogsYouAreLookingFor.pdf So we went through an attack in the BHIS Webcast, βAttack Tactics 5! Zero to Hero Attack.β Then we went through [β¦]
The post Webcast: Attack Tactics 7 β The Logs You Are Looking For appeared first on Black Hills Information Security, Inc..
Download slides:Β https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded [β¦]
The post Podcast: Attack Tactics 6! Return of the Blue Team appeared first on Black Hills Information Security, Inc..
Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics6ReturnofBlueTeam.pdf In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed [β¦]
The post Webcast: Attack Tactics 6! Return of the Blue Team appeared first on Black Hills Information Security, Inc..
Timecode links take you to YouTube: 4:11 β Infrastructure & Background8:28 β Overview & Breakdown of Attack Methodology and Plans11:35 β Start of Attack (Gaining Access), Password Spraying Toolkit15:24 β [β¦]
The post Webcast: Attack Tactics 5 β Zero to Hero Attack appeared first on Black Hills Information Security, Inc..
Join John Strand as he continues his Attack Tactic series this time with the defense ideas for the attacks mentioned in episode 3 (see more here) To see the entire [β¦]
The post PODCAST: From Active Countermeasures β Attack Tactics 4 appeared first on Black Hills Information Security, Inc..
John Strand// For this next installment of our Attack Tactics webcast series, John Strand looks at an environment that had no Active Directory. This is odd, but itβs becoming more [β¦]
The post WEBCAST: Attack Tactics 3 appeared first on Black Hills Information Security, Inc..
John talked about how weβd attack, hereβs how you can defend against those attacks. Grab the slides here:Β https://blackhillsinformationsecurity.shootproof.com/gallery/6843799/
The post PODCAST: Attack Tactics Part 2 appeared first on Black Hills Information Security, Inc..
This is the audio only version of Johnβs webcast about how we would attack your company during a pentest. Grab his slides here:Β Β https://blackhillsinformationsecurity.shootproof.com/gallery/6843799/
The post PODCAST: Attack Tactics Part 1 appeared first on Black Hills Information Security, Inc..
John Strand // This is the second part of our series about Attack Tactics, sponsored by our sister company, Active Countermeasures. In the first part we discussed how weβd attack. [β¦]
The post WEBCAST: Attack Tactics Part 2 appeared first on Black Hills Information Security, Inc..
John Strand // John is starting a new series of webcasts called Attack Tactics. This first partΒ is a step-by-step walk-through of an attack BHIS launched against a customer, with [β¦]
The post WEBCAST: Attack Tactics Part 1 appeared first on Black Hills Information Security, Inc..
John Strand // In the last webcast we covered initial Windows Live Forensics (see the recording here), in this one weΒ play with memory from a compromised system. We cover the [β¦]
The post WEBCAST: Windows Memory Forensics appeared first on Black Hills Information Security, Inc..
John Strand // So you think you might have a compromised Windows system. If you do, where do you start? How would you review the memory of that system? What [β¦]
The post WEBCAST: Live Forensics & Memory Analysis appeared first on Black Hills Information Security, Inc..
Login